CVE-2023-25645
CVE-2023-25645
Vexday Risk Score
21Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS 7.7EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
16 jun 2023Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
There is a permission and access control vulnerability in some ZTE AndroidTV STBs. Due to improper permission settings, non-privileged application can perform functions that are protected with signature/privilege-level permissions. Exploitation of this vulnerability could clear personal data and applications on the user's device, affecting device operation.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →