Today > vulnerabilities   -   You can now download lists of IOCs here!

CVE-2023-38291

April 22, 2024, 7:24 p.m.

Tags

Product(s) Impacted

TCL A3X

  • TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAAZ:user/release-keys
  • TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAB3:user/release-keys
  • TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAB7:user/release-keys
  • TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABA:user/release-keys
  • TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABM:user/release-keys
  • TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABP:user/release-keys
  • TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABS:user/release-keys

TCL 10L

  • TCL/T770B/T1_LITE:10/QKQ1.200329.002/3CJ0:user/release-keys
  • TCL/T770B/T1_LITE:11/RKQ1.210107.001/8BIC:user/release-keys

Motorola Moto G Pure

  • motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-2/74844:user/release-keys
  • motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-7/5cde8:user/release-keys
  • motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-10/d67faa:user/release-keys
  • motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-13/b4a29:user/release-keys
  • motorola/ellis_trac/ellis:12/S3RH32.20-42-10/1c2540:user/release-keys
  • motorola/ellis_trac/ellis:12/S3RHS32.20-42-13-2-1/6368dd:user/release-keys
  • motorola/ellis_a/ellis:11/RRH31.Q3-46-50-2/20fec:user/release-keys
  • motorola/ellis_vzw/ellis:11/RRH31.Q3-46-138/103bd:user/release-keys
  • motorola/ellis_vzw/ellis:11/RRHS31.Q3-46-138-2/e5502:user/release-keys
  • motorola/ellis_vzw/ellis:12/S3RHS32.20-42-10-14-2/5e0b0:user/release-keys

Motorola Moto G Power

  • motorola/tonga_g/tonga:11/RRQ31.Q3-68-16-2/e5877:user/release-keys
  • motorola/tonga_g/tonga:12/S3RQS32.20-42-10-6/f876d3:user/release-keys

TCL Smartphones (30Z, 10L)

  • TCL A600DL (Delhi_TF:11)
  • TCL A3X (Delhi_TF:11)
  • TCL 10L (T1_LITE:10, T1_LITE:11)

Motorola Smartphones (Moto G Pure, Moto G Power)

  • Moto G Pure (ellis_trac/ellis:11-12)
  • Moto G Power (tonga_g/tonga:11-12)

Description

An issue was discovered in a third-party component related to ro.boot.wifimacaddr, shipped on devices from multiple device manufacturers. Various software builds for the following TCL devices (30Z and 10L) and Motorola devices (Moto G Pure and Moto G Power) leak the Wi-Fi MAC address to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers in Android 10 and higher, but in these instances they are leaked by a high-privilege process and can be obtained indirectly. The software build fingerprints for each confirmed vulnerable device are as follows: TCL A3X (TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAAZ:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAB3:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vAB7:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABA:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABM:user/release-keys, TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABP:user/release-keys, and TCL/A600DL/Delhi_TF:11/RKQ1.201202.002/vABS:user/release-keys); TCL 10L (TCL/T770B/T1_LITE:10/QKQ1.200329.002/3CJ0:user/release-keys and TCL/T770B/T1_LITE:11/RKQ1.210107.001/8BIC:user/release-keys); Motorola Moto G Pure (motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-2/74844:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-7/5cde8:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-10/d67faa:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-13/b4a29:user/release-keys, motorola/ellis_trac/ellis:12/S3RH32.20-42-10/1c2540:user/release-keys, motorola/ellis_trac/ellis:12/S3RHS32.20-42-13-2-1/6368dd:user/release-keys, motorola/ellis_a/ellis:11/RRH31.Q3-46-50-2/20fec:user/release-keys, motorola/ellis_vzw/ellis:11/RRH31.Q3-46-138/103bd:user/release-keys, motorola/ellis_vzw/ellis:11/RRHS31.Q3-46-138-2/e5502:user/release-keys, and motorola/ellis_vzw/ellis:12/S3RHS32.20-42-10-14-2/5e0b0:user/release-keys); and Motorola Moto G Power (motorola/tonga_g/tonga:11/RRQ31.Q3-68-16-2/e5877:user/release-keys and motorola/tonga_g/tonga:12/S3RQS32.20-42-10-6/f876d3:user/release-keys). This malicious app reads from the "ro.boot.wifimacaddr" system property to indirectly obtain the Wi-Fi MAC address.

Weaknesses

Date

Published: April 22, 2024, 3:15 p.m.

Last Modified: April 22, 2024, 7:24 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References