There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event.
References
| Link | Resource |
|---|---|
| https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032264 | Vendor Advisory |
Configurations
Configuration 1 (hide)
| AND |
|
Configuration 2 (hide)
| AND |
|
Configuration 3 (hide)
| AND |
|
Configuration 4 (hide)
| AND |
|
History
24 Aug 2023, 16:20
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Zte axon 30
Zte axon 40 Pro Zte nubia Z50 Zte axon 30 Firmware Zte Zte axon 40 Pro Firmware Zte axon 40 Ultra Zte nubia Z50 Firmware Zte axon 40 Ultra Firmware |
|
| CWE | CWE-863 | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
| References | (MISC) https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032264 - Vendor Advisory | |
| CPE | cpe:2.3:h:zte:axon_40_ultra:-:*:*:*:*:*:*:* cpe:2.3:h:zte:axon_30:-:*:*:*:*:*:*:* cpe:2.3:o:zte:nubia_z50_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:axon_40_pro_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:axon_30_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:zte:axon_40_ultra_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:zte:axon_40_pro:-:*:*:*:*:*:*:* cpe:2.3:h:zte:nubia_z50:-:*:*:*:*:*:*:* |
17 Aug 2023, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-08-17 03:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-25647
Mitre link : CVE-2023-25647
CVE.ORG link : CVE-2023-25647
JSON object : View
Products Affected
zte
- axon_40_pro_firmware
- nubia_z50
- nubia_z50_firmware
- axon_30_firmware
- axon_40_pro
- axon_40_ultra
- axon_30
- axon_40_ultra_firmware