CVE-2021-41850

An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control.

CVSS v3 7.8 HIGH
CVSS v2.0 7.2 HIGH

7.8^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2^/10

CVSS v2.0 : HIGH

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://athack.com/session-details/401	Third Party Advisory
https://simowireless.com/	Vendor Advisory
https://www.kryptowire.com/android-firmware-2022/	Broken Link
https://www.kryptowire.com/blog/vsim-vulnerability-within-simo-android-phones-exposed/	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:bluproducts:g90_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:bluproducts:g90:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND

cpe:2.3:o:bluproducts:g9_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:bluproducts:g9:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND

cpe:2.3:o:wikomobile:tommy_3_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:wikomobile:tommy_3:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND

cpe:2.3:o:wikomobile:tommy_3_plus_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:wikomobile:tommy_3_plus:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND

cpe:2.3:o:luna:simo_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:luna:simo:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-03-11 23:15

Updated : 2024-02-28 19:09

NVD link : CVE-2021-41850

Mitre link : CVE-2021-41850

CVE.ORG link : CVE-2021-41850

JSON object : View

Products Affected

bluproducts

g9_firmware
g9
g90_firmware
g90

luna

simo
simo_firmware

wikomobile

tommy_3_firmware
tommy_3
tommy_3_plus_firmware
tommy_3_plus

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2021-41850", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 7.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.8}]}, "published": "2022-03-11T23:15:09.277", "references": [{"url": "https://athack.com/session-details/401", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://simowireless.com/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.kryptowire.com/android-firmware-2022/", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://www.kryptowire.com/blog/vsim-vulnerability-within-simo-android-phones-exposed/", "tags": ["Exploit", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Luna Simo PPR1.180610.011/202001031830. A pre-installed app with a package name of com.skyroam.silverhelper writes three IMEI values to system properties at system startup. The system property values can be obtained via getprop by all third-party applications co-located on the device, even those with no permissions granted, exposing the IMEI values to processes without enforcing any access control."}, {"lang": "es", "value": "Se ha detectado un problema en Luna Simo versi\u00f3n PPR1.180610.011/202001031830. Una aplicaci\u00f3n preinstalada con el nombre de paquete com.skyroam.silverhelper escribe tres valores de IMEI en las propiedades del sistema al iniciarse \u00e9ste. Los valores de las propiedades del sistema pueden ser obtenidos por medio de getprop por todas las aplicaciones de terceros ubicadas en el dispositivo, incluso las que no presentan permisos concedidos, exponiendo los valores de IMEI a procesos sin aplicar ning\u00fan control de acceso"}], "lastModified": "2022-07-12T17:42:04.277", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bluproducts:g90_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B003884D-03B5-4E27-A506-22A36E0334A2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bluproducts:g90:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "8E152DA2-58DC-499B-AD5C-C54B6F7F9EA6"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:bluproducts:g9_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CA87E8FB-2312-4C36-8E99-9FC13249FF96"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:bluproducts:g9:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "84252BD6-08BF-4591-BB70-159AEC3F5526"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:wikomobile:tommy_3_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0998AB21-51AF-44F1-AB64-DAA2F6994255"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:wikomobile:tommy_3:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "6DFAA033-25DC-4C58-862A-DB52E38053E5"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:wikomobile:tommy_3_plus_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0D3D7AB-AABF-4BDA-88C8-6BA9A7D683C1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:wikomobile:tommy_3_plus:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "AF14B073-3785-4B54-96F2-DE5C8AD50019"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:luna:simo_firmware:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "57816BEB-1BBE-489D-B6B0-BA24E21D6F7D"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:luna:simo:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "0AD9D06F-E7A7-4453-813D-B7A3FD544F1A"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}