There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and applications on the user's device, affecting device operation.
References
Link | Resource |
---|---|
https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1031464 | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: zte
Published: 2023-06-16T00:00:00
Updated: 2023-06-16T00:00:00
Reserved: 2023-02-09T00:00:00
Link: CVE-2023-25645
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-06-16T19:15:14.527
Modified: 2023-06-26T22:19:11.390
Link: CVE-2023-25645
JSON object: View
Redhat Information
No data.
CWE