CVE-2023-42738

7.8 HIGH

📋 TL;DR

CVE-2023-42738 is a missing permission check vulnerability in the telocom service that allows local attackers to escalate privileges without requiring additional execution privileges. This affects systems running vulnerable versions of Unisoc/Spreadtrum software. The vulnerability enables attackers to gain elevated access on compromised devices.

💻 Affected Systems

Products:
  • Unisoc/Spreadtrum telocom service
Versions: Specific vulnerable versions not detailed in references; likely affects multiple versions prior to patch
Operating Systems: Android-based systems using Unisoc/Spreadtrum chipsets
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with Unisoc/Spreadtrum processors running vulnerable telocom service versions. The exact device models are not specified in the provided references.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete system compromise where an attacker gains root/admin privileges, potentially installing persistent malware, accessing sensitive data, or disabling security controls.

🟠 Likely Case: Local privilege escalation allowing attackers to bypass application sandboxes, access protected system resources, or modify system configurations.

🟢 If Mitigated: Limited impact if proper application sandboxing, SELinux/AppArmor policies, and least privilege principles are enforced.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to the system.
🏢 Internal Only: HIGH - Once an attacker gains initial access to a system, they can exploit this to escalate privileges and move laterally within the network.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW - Missing permission check vulnerabilities typically require minimal exploitation complexity once local access is obtained.

Exploitation requires local access to the device. No public exploit code was found in the provided references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in references; check vendor advisory for specific patched versions

Vendor Advisory: https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049

Restart Required: Yes

Instructions:

1. Check the Unisoc security advisory for affected versions.
2. Apply vendor-provided firmware/security updates.
3. Reboot the device after patching.
4. Verify the patch is applied successfully.

🔧 Temporary Workarounds

Disable telocom service if not needed

Disable the vulnerable telocom service to prevent exploitation (platform: android):

adb shell pm disable com.android.telocom
adb shell service call telocom 1 i32 0

Apply SELinux/AppArmor restrictions

Implement strict SELinux or AppArmor policies to restrict telocom service permissions (platform: linux):

setenforce 1
# Then check and modify the SELinux policies for the telocom domain

🧯 If You Can't Patch

  • Implement strict network segmentation to limit lateral movement
  • Deploy endpoint detection and response (EDR) solutions to monitor for privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check device firmware version against vendor advisory. Examine telocom service permissions and SELinux contexts.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify firmware version is updated to patched version. Test privilege escalation attempts to confirm mitigation.

📡 Detection & Monitoring

Log Indicators:

  • Unusual telocom service activity
  • Privilege escalation attempts in system logs
  • Unexpected process execution with elevated privileges

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

source="android_system" AND (process="telocom" OR event="privilege_escalation")
