Login Sign Up

CVE-2023-27645

9.8 CRITICAL

📋 TL;DR

A privilege escalation vulnerability in POWERAMP audio player allows remote attackers to gain elevated privileges by manipulating reverb and EQ preset parameters. This affects users of POWERAMP build 925 and 954 on Android devices. Attackers could potentially execute arbitrary code with app permissions.

💻 Affected Systems

Products:
  • POWERAMP Audio Player
Versions: Build 925 and Build 954
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects specific builds of the POWERAMP app available on Google Play Store. Requires app to be installed and running.

📦 What is this software?

Poweramp by Powerampapp

View all CVEs affecting Poweramp →

Poweramp by Powerampapp

View all CVEs affecting Poweramp →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker gains full control of the POWERAMP app, potentially accessing device audio files, modifying settings, or using app permissions for further system compromise.

🟠

Likely Case

Attacker gains elevated privileges within the POWERAMP app, allowing manipulation of audio settings, access to stored audio files, and potential data exfiltration.

🟢

If Mitigated

With proper app sandboxing and minimal permissions, impact limited to POWERAMP app functionality without system-wide compromise.

🌐 Internet-Facing: MEDIUM - Requires user interaction with malicious content but can be triggered remotely via crafted audio files or network content.
🏢 Internal Only: LOW - Primarily an app-specific vulnerability not directly exploitable through internal network access alone.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user to open malicious audio file or content. Public details available in GitHub repository references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Later builds after 954

Vendor Advisory: https://powerampapp.com/

Restart Required: Yes

Instructions:

1. Open Google Play Store 2. Search for POWERAMP 3. Update to latest version 4. Restart device if prompted

🔧 Temporary Workarounds

Disable automatic audio file processing

android

Prevent automatic processing of audio files from untrusted sources

Temporary app disable

android

Disable POWERAMP until patched if high risk environment

🧯 If You Can't Patch

  • Uninstall POWERAMP if not essential
  • Restrict app permissions to minimum required

🔍 How to Verify

Check if Vulnerable:

Check POWERAMP version in app settings: Settings > About. Vulnerable if version shows build 925 or 954.

Check Version:

Not applicable - check via Android app settings

Verify Fix Applied:

Update via Google Play Store and verify version is newer than build 954.

📡 Detection & Monitoring

Log Indicators:

  • Unusual audio file processing
  • POWERAMP crash logs with privilege errors
  • Unexpected permission requests

Network Indicators:

  • Downloads of suspicious audio files
  • Network traffic to POWERAMP from untrusted sources

SIEM Query:

Not applicable for typical mobile app monitoring

📊 Metadata

CVE ID: CVE-2023-27645
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-269
Published: April 11, 2023
Last Updated: February 10, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-27645, you might also want to check these:

CVE-2023-48419 10.0

This vulnerability allows an attacker within Wi-Fi range of a Google Home device to spy on the victi...

Same vulnerability type (CWE-269)
CVE-2025-20282 10.0

This critical vulnerability in Cisco ISE and ISE-PIC allows unauthenticated remote attackers to uplo...

Same vulnerability type (CWE-269)
CVE-2022-24783 10.0

This critical vulnerability in Deno runtime allows malicious code to bypass all permission checks an...

Same vulnerability type (CWE-269)