Vulnerabilities > CVE-2021-23244 - Unspecified vulnerability in Oppo Coloros 11
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
oppo
Summary
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |