CVE-2023-27647 — HIGH (7.1)

Vulnerability Description

An issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod: insert of the android.net.Uri.insert method.

CVSS Score

7.1

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Dualspace	Lock Master	2.2.4

Related Weaknesses (CWE)

CWE-276

References

http://www.dualspace.com/pc/en/products.htmlProduct
https://app-lock-master.en.uptodown.com/android/downloadProduct
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27647/CVE%20detail.mdExploitProductThird Party Advisory
http://www.dualspace.com/pc/en/products.htmlProduct
https://app-lock-master.en.uptodown.com/android/downloadProduct
https://github.com/LianKee/SODA/blob/main/CVEs/CVE-2023-27647/CVE%20detail.mdExploitProductThird Party Advisory

FAQ

What is CVE-2023-27647?

CVE-2023-27647 is a vulnerability with a CVSS score of 7.1 (HIGH). An issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod...

How severe is CVE-2023-27647?

CVE-2023-27647 has been rated HIGH with a CVSS base score of 7.1/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-27647?

Check the references section above for vendor advisories and patch information. Affected products include: Dualspace Lock Master.