CVE-2023-33915

EPSS 0.3%

In short

A missing permission check in LTE protocol allows attackers to remotely access sensitive information without needing special privileges on the device.

Technical detail

The LTE protocol stack lacks proper authorization validation before exposing sensitive data, enabling unauthenticated remote attackers to disclose information through the air interface without elevated privileges.

Summary generated and translated by AI from the official description.

In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed

Affected products

Unisoc (Shanghai) Technologies Co., Ltd. · T760/T770/T820/S8000

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434