CRITICAL🇵🇱 Wersja polska

CVE-2020-11829

CVSS 9.8v3.1pub. 2020-11-19upd. 2024-11-21

Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Oppo Coloros

    OS
    Oppo
    2.0.0_5493e40_200722
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-26310HIGH7.4ten sam produkt

There is a command injection problem in the old version of the mobile phone backup app.

CVE-2021-23246HIGH7.5ten sam produkt

In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting...

CVE-2021-23244HIGH7.8ten sam produkt

ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permiss...

CVE-2020-11828HIGH7.5ten sam produkt

In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surface...

CVE-2024-1608CRITICAL9.1PL ✓ten sam vendor

Privilege escalation w OPPO Usercenter Credit SDK — wyciek danych aplikacji