CVE-2023-29727

Exploit

EPSS 0.12%
Veröffentlicht 30.05.2023 23:15:09
Zuletzt bearbeitet 13.01.2025 18:15:13
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Call Blocker application 6.6.3 for Android allows unauthorized applications to use exposed components to delete data stored in its database that is related to user privacy settings and affects the implementation of the normal functionality of the application. An attacker can use this to cause an escalation of privilege attack.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 6

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Applika ≫ Call Blocker Version6.6.3 SwPlatformandroid

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.12%	0.318

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
134c704f-9b21-4f2e-91b3-4a467353bcc0	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-922 Insecure Storage of Sensitive Information

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

https://play.google.com/store/apps/details?id=com.cuiet.blockCalls

Product

https://www.call-blocker.info/

Product

https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29727/CVE%20detail.md

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-29727

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-29727

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-29727

EUVD