CVE-2023-42647 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2023-42647

CWE

https://cwe.mitre.org/data/definitions/.html

In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

Affected Software

Name	Vendor	Start Version	End Version
Android	Google	10.0 (including)	10.0 (including)
Android	Google	11.0 (including)	11.0 (including)
Android	Google	12.0 (including)	12.0 (including)
Android	Google	13.0 (including)	13.0 (including)

References

https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857