CVE-2023-29741

EUVD-2023-33279
An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause an escalation of privileges attack by manipulating the database.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 33%
References
http://www.zmtqsh.com/
https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29741/CVE%20detail.md
https://play.google.com/store/apps/details?id=com.icoolme.android.weather
http://www.zmtqsh.com/
https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29741/CVE%20detail.md
https://play.google.com/store/apps/details?id=com.icoolme.android.weather