CVE-2023-42699
First published: Mon Dec 04 2023(Updated: )
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed
Credit: security@unisoc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Any of | ||
| Google Android | =11.0 | |
| Google Android | =12.0 | |
| Google Android | =13.0 | |
| Any of | ||
| unisoc s8000 | ||
| Unisoc SC7731 | ||
| unisoc sc9832e | ||
| unisoc sc9863a | ||
| unisoc t310 | ||
| unisoc t606 | ||
| unisoc t610 | ||
| unisoc t612 | ||
| unisoc t616 | ||
| unisoc t618 | ||
| unisoc t760 | ||
| unisoc t770 | ||
| unisoc t820 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2023-42699?
CVE-2023-42699 is a vulnerability in the omacp service in Google Android versions 11.0, 12.0, and 13.0 that allows for a possible way to write permission usage records of an app due to a missing permission check, leading to local information disclosure.
How severe is CVE-2023-42699?
CVE-2023-42699 has a severity rating of medium with a score of 5.5.
Which software versions are affected by CVE-2023-42699?
Google Android versions 11.0, 12.0, and 13.0 are affected by CVE-2023-42699.
How can I fix CVE-2023-42699?
To fix CVE-2023-42699, it is recommended to update your Google Android device to a version that includes the necessary security patches.
Where can I find more information about CVE-2023-42699?
You can find more information about CVE-2023-42699 at the following link: [https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049](https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049).
- agent/type
- agent/event
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/author
- agent/severity
- agent/weakness
- agent/last-modified-date
- agent/description
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-api
- agent/software-canonical-lookup-request
- vendor/google
- canonical/google android
- version/google android/11.0
- version/google android/12.0
- version/google android/13.0
- vendor/unisoc
- canonical/unisoc s8000
- canonical/unisoc sc7731
- canonical/unisoc sc9832e
- canonical/unisoc sc9863a
- canonical/unisoc t310
- canonical/unisoc t606
- canonical/unisoc t610
- canonical/unisoc t612
- canonical/unisoc t616
- canonical/unisoc t618
- canonical/unisoc t760
- canonical/unisoc t770
- canonical/unisoc t820