CVE-2023-48354

EPSS 0.01%
Published 18.01.2024 03:15:58
Last modified 20.06.2025 19:15:24
Source security@unisoc.com
Teams watchlist Login
Open Login

In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed

Affected products Warnungen 0 Metrics 3 CWE 1 References 4

Data is provided by the National Vulnerability Database (NVD)

Google ≫ Android Version11.0

   Unisoc ≫ S8000 Version-
   Unisoc ≫ Sc7731e Version-
   Unisoc ≫ Sc9832e Version-
   Unisoc ≫ Sc9863a Version-
   Unisoc ≫ T310 Version-
   Unisoc ≫ T606 Version-
   Unisoc ≫ T610 Version-
   Unisoc ≫ T612 Version-
   Unisoc ≫ T616 Version-
   Unisoc ≫ T618 Version-
   Unisoc ≫ T760 Version-
   Unisoc ≫ T770 Version-
   Unisoc ≫ T820 Version-

Google ≫ Android Version12.0

Google ≫ Android Version13.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.01%	0.006

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
134c704f-9b21-4f2e-91b3-4a467353bcc0	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-48354

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-48354

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-48354

EUVD