CVE-2023-47889

The Android application BINHDRM26 com.bdrm.superreboot 1.0.3, exposes several critical actions through its exported broadcast receivers. These exposed actions can allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is particularly concerning because these actions include powering off, system reboot & entering recovery mode.

CVSS v3 7.8 HIGH

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/actuator/com.bdrm.superreboot/blob/main/CWE-925.md	Exploit

Configurations

Configuration 1 (hide)

cpe:2.3:a:binhdrm26:super_reboot:1.0.3:*:*:*:*:android:*:*

History

No history.

Information

Published : 2024-02-06 01:15

Updated : 2024-02-13 18:16

NVD link : CVE-2023-47889

Mitre link : CVE-2023-47889

CVE.ORG link : CVE-2023-47889

JSON object : View

Products Affected

binhdrm26

super_reboot

CWE

NVD-CWE-Other

7.8 /10