CVE-2023-48417Missing Authorization in Google Chromecast Firmware

CWE-862Missing Authorization3 documents3 sources
Severity
9.8CRITICALNVD
EPSS
0.1%
top 82.52%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google Chromecast FirmwareGoogle Android
Timeline
PublishedDec 11

Description

Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDgoogle/chromecast_firmware< 2023-10-01
CVEListV5google/androidAndroid SoC

🔴Vulnerability Details

2
GHSA
GHSA-93jf-wpmx-46x7: Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application2023-12-11
CVEList
CVE-2023-48417: Missing Permission checks resulting in unauthorized access and Manipulation in KeyChainActivity Application2023-12-11