Login Sign Up

CVE-2023-30928

7.8 HIGH

📋 TL;DR

This vulnerability in telephony services allows local attackers to escalate privileges without requiring additional execution permissions. It affects Android devices with Unisoc chipsets, enabling attackers to gain elevated access to system functions. The flaw requires local access to the device.

💻 Affected Systems

Products:
  • Android devices with Unisoc chipsets
Versions: Specific Unisoc chipset firmware versions (exact versions not specified in public advisory)
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices using Unisoc telephony services. Exact device models not specified in public advisory.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing attacker to install persistent malware, access sensitive data, or disable security controls.

🟠

Likely Case

Local attacker gains elevated privileges to access telephony functions, modify system settings, or bypass app sandboxing.

🟢

If Mitigated

Limited impact if proper app sandboxing and SELinux policies are enforced, though privilege escalation still possible.

🌐 Internet-Facing: LOW - Requires local access to device, not directly exploitable over network.
🏢 Internal Only: HIGH - Local attackers (malicious apps or users with physical access) can exploit this for privilege escalation.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access and knowledge of the missing permission check. No public exploit code available.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in public advisory - check with device manufacturer

Vendor Advisory: https://www.unisoc.com/en_us/secy/announcementDetail/1676902764208259073

Restart Required: Yes

Instructions:

1. Contact device manufacturer for patch availability. 2. Apply security updates from device manufacturer. 3. Reboot device after update.

🔧 Temporary Workarounds

Restrict app permissions

android

Limit telephony permissions for untrusted applications

Enable SELinux enforcing mode

android

Ensure SELinux is in enforcing mode to limit privilege escalation

getenforce
setenforce 1

🧯 If You Can't Patch

  • Isolate affected devices from sensitive networks and data
  • Implement application allowlisting to prevent unauthorized app execution

🔍 How to Verify

Check if Vulnerable:

Check device chipset and firmware version against Unisoc advisory. No simple public detection method available.

Check Version:

Settings > About phone > Build number / Security patch level

Verify Fix Applied:

Verify security patch level is updated and check with device manufacturer for specific patch verification.

📡 Detection & Monitoring

Log Indicators:

  • Unusual telephony service access attempts
  • Permission denial logs for telephony services

Network Indicators:

  • None - local exploitation only

SIEM Query:

Search for telephony service permission failures or unusual process privilege changes

📊 Metadata

CVE ID: CVE-2023-30928
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-862
Published: July 12, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-30928, you might also want to check these:

CVE-2024-6071 10.0

CVE-2024-6071 is a critical remote code execution vulnerability in PTC Creo Elements/Direct License ...

Same vulnerability type (CWE-862)
CVE-2022-0543 10.0

CVE-2022-0543 is a critical Lua sandbox escape vulnerability in Redis on Debian-based systems that a...

Same vulnerability type (CWE-862)
CVE-2024-6500 10.0

This vulnerability allows unauthenticated attackers to read and delete arbitrary files on WordPress ...

Same vulnerability type (CWE-862)