CVE-2023-25647 – Permission and Access Control Vulnerability in Some ZTE Mobile Phones

https://notcve.org/view.php?id=CVE-2023-25647

There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, applications in mobile phone could monitor the touch event. • https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032264 • CWE-269: Improper Privilege Management CWE-863: Incorrect Authorization •