CVE-2023-29733

Published: May 30, 2023Modified: Jan 14, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

The Lock Master app 2.2.4 for Android allows unauthorized apps to modify the values in its SharedPreference files. These files hold data that affects many app functions. Malicious modifications by unauthorized apps can cause security issues, such as functionality manipulation, resulting in a severe escalation of privilege attack.

Affected (1)

Products: Dualspace: Lock Master

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Dualspace Lock Master	Version 2.2.4

Related CWEs

Incorrect Default Permissions

During installation, installed file permissions are set to allow anyone to modify those files.

References (2)

https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29733/CVE%20detail.md

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29733/CVE%20detail.md

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.