There is a command injection problem in the old version of the mobile phone backup app.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:LOppo Coloros
OSOppo12.3Oppo Find X3
HWOppowszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2020-11829CRITICAL9.8ten sam produkt
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is co...
CVE-2021-23246HIGH7.5ten sam produkt
In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting...
CVE-2021-23244HIGH7.8ten sam produkt
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permiss...
CVE-2020-11828HIGH7.5ten sam produkt
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surface...
CVE-2024-1608CRITICAL9.1PL ✓ten sam vendor
Privilege escalation w OPPO Usercenter Credit SDK — wyciek danych aplikacji