Vulnerability Description
SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedPreference file, these data will be loaded into the memory when the application is opened. Depending on how the data is used, this can result in various attack consequences, such as ad display exceptions.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Loka | Solive | >= 1.6.14, <= 1.6.20 |
Related Weaknesses (CWE)
References
- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29732/CVE%20detail.mdExploitThird Party Advisory
- https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29732/CVE%20detail.mdExploitThird Party Advisory
FAQ
What is CVE-2023-29732?
CVE-2023-29732 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SoLive 1.6.14 thru 1.6.20 for Android exists exposed component, the component provides the method to modify the SharedPreference file. The attacker can use the method to modify the data in any SharedP...
How severe is CVE-2023-29732?
CVE-2023-29732 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-29732?
Check the references section above for vendor advisories and patch information. Affected products include: Loka Solive.