CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-26277 – Security Advisory | PendingIntent hijacking vulnerability in Framework Services
https://notcve.org/view.php?id=CVE-2021-26277
The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. • https://www.vivo.com/en/support/security-advisory-detail?id=8 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12488 – Broken Access Control Vulnerability in Jovi Smart Scene
https://notcve.org/view.php?id=CVE-2020-12488
The attacker can access the sensitive information stored within the jovi Smart Scene module by entering carefully constructed commands without requesting permission. El atacante puede acceder a la información confidencial almacenada en el módulo jovi Smart Scene al introducir comandos cuidadosamente construidos sin solicitar permiso • https://www.vivo.com/en/support/security-advisory-detail?id=5 • CWE-284: Improper Access Control CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12483 – AppStore Remote Download and Installation Vulnerability
https://notcve.org/view.php?id=CVE-2020-12483
The appstore before 8.12.0.0 exposes some of its components, and the attacker can cause remote download and install apps through carefully constructed parameters. La appstore versiones anteriores a 8.12.0.0, expone algunos de sus componentes, y el atacante puede causar la descarga e instalación remota de aplicaciones por medio de parámetros cuidadosamente construidos • https://www.vivo.com/en/support/security-advisory-detail?id=1 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12485
https://notcve.org/view.php?id=CVE-2020-12485
The frame touch module does not make validity judgments on parameter lengths when processing specific parameters,which caused out of the boundary when memory access.The vulnerability eventually leads to a local DOS on the device. El módulo frame touch no hace juicios de validez sobre la longitud de los parámetros cuando se procesan parámetros específicos, lo cual causó que se saliera del límite cuando se accede a la memoria. La vulnerabilidad eventualmente conlleva a un DOS local en el dispositivo • https://www.vivo.com/en/support/security-advisory-detail?id=2 • CWE-125: Out-of-bounds Read •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2018-15000
https://notcve.org/view.php?id=CVE-2018-15000
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.smartshot (versionCode=1, versionName=3.0.0). This app contains an exported service named com.vivo.smartshot.ui.service.ScreenRecordService that will record the screen for 60 minutes and write the mp4 file to a location of the user's choosing. Normally, a recording notification will be visible to the user, but we discovered an approach to make it mostly transparent to the user by quickly removing a notification and floating icon. The user can see a floating icon and notification appear and disappear quickly due to quickly stopping and restarting the service with different parameters that do not interfere with the ongoing screen recording. The screen recording lasts for 60 minutes and can be written directly to the attacking app's private directory. • https://www.kryptowire.com https://www.kryptowire.com/portal/android-firmware-defcon-2018 https://www.kryptowire.com/portal/wp-content/uploads/2018/12/DEFCON-26-Johnson-and-Stavrou-Vulnerable-Out-of-the-Box-An-Eval-of-Android-Carrier-Devices-WP-Updated.pdf •