7.8

CVE-2023-29733

Exploit

EPSS 0.04%
Veröffentlicht 30.05.2023 20:15:10
Zuletzt bearbeitet 14.01.2025 15:15:11
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

The Lock Master app 2.2.4 for Android allows unauthorized apps to modify the values in its SharedPreference files. These files hold data that affects many app functions. Malicious modifications by unauthorized apps can cause security issues, such as functionality manipulation, resulting in a severe escalation of privilege attack.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Dualspace ≫ Lock Master Version2.2.4 SwPlatformandroid

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.113

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE-276 Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29733/CVE%20detail.md

Third Party Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-29733

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-29733

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-29733

EUVD