7.8

CVE-2023-49794

Exploit

EPSS 0.03%
Veröffentlicht 02.01.2024 20:15:10
Zuletzt bearbeitet 21.11.2024 08:33:51
Quelle security-advisories@github.com
CVE-Watchlists
Login
Unerledigt
Login

KernelSU is a Kernel-based root solution for Android devices. In versions 0.7.1 and prior, the logic of get apk path in KernelSU kernel module can be bypassed, which causes any malicious apk named `me.weishu.kernelsu` get root permission. If a KernelSU module installed device try to install any not checked apk which package name equal to the official KernelSU Manager, it can take over root privileges on the device. As of time of publication, a patched version is not available.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Kernelsu ≫ Kernelsu Version <= 0.7.1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.067

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
security-advisories@github.com	6.7	0.8	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE-290 Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

https://drive.google.com/file/d/1b9UrmG_co9EJXB_yMBneRArUIR5sTuaN/view?usp=drive_link

Product

https://github.com/tiann/KernelSU/security/advisories/GHSA-8rc5-x54x-5qc4

Vendor Advisory

Exploit

https://nvd.nist.gov/vuln/detail/CVE-2023-49794

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-49794

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-49794

EUVD