Vulnerabilities > CVE-2023-33911 - Missing Authorization vulnerability in Google Android 10.0/11.0/9.0

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

google

CWE-862

NVD

Published: 2023-08-07

Updated: 2023-08-10

Summary

In vowifi service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android 9.0 Google Android 10.0 Google Android 11.0	3
Hardware	Unisoc Unisoc Sc7731E - Unisoc Sc9832E - Unisoc Sc9863A - Unisoc T606 - Unisoc T610 - Unisoc T612 - Unisoc T616 - Unisoc T618 -	8

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1687281677639942145