CVE-2023-52343Improper Validation of Specified Quantity in Input in Technologies CO LTD T760 T770 T820 S8000

CWE-1284Improper Validation of Specified Quantity in Input2 documents2 sources
Severity
5.5MEDIUMNVD
EPSS
0.2%
top 57.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Unisoc Technologies CO LTD T760 T770 T820 S8000Google Android
Timeline
PublishedApr 8

Description

In SecurityCommand message after as security has been actived., there is a possible improper input validation. This could lead to remote information disclosure no additional execution privileges needed

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:LExploitability: 0.7 | Impact: 4.7

Affected Packages2 packages

NVDgoogle/android12.0, 13.0, 14.0+2
CVEListV5unisoc_technologies_co_ltd/t760_t770_t820_s8000Android12/Android13/Android14

🔴Vulnerability Details

1
GHSA
GHSA-g726-jqm5-9q9f: In SecurityCommand message after as security has been actived2024-04-08