CVE-2023-47883

9.8 CRITICAL

📋 TL;DR

This vulnerability allows remote code execution in the TV Browser Android app through JavaScript injection via an exposed MainActivity. Attackers can execute arbitrary JavaScript code on affected devices, potentially compromising user data and device security. All users of TV Browser for Android up to version 4.5.1 are affected.

💻 Affected Systems

Products:
  • com.altamirano.fabricio.tvbrowser (TV Browser)
Versions: through 4.5.1
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable by default

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete device compromise allowing data theft, malware installation, and persistent backdoor access

🟠 Likely Case: Session hijacking, credential theft, and unauthorized access to app data

🟢 If Mitigated: Limited impact if the app runs in a sandboxed environment with minimal permissions

🌐 Internet-Facing: HIGH - Exploitable via web content or malicious links
🏢 Internal Only: MEDIUM - Requires user interaction but can be triggered internally

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

A proof-of-concept is available on GitHub; exploitation requires the user to open malicious content.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Uninstall TV Browser app
2. Monitor Google Play Store for updated version
3. Reinstall only when patched version is confirmed available

🔧 Temporary Workarounds

Uninstall vulnerable app

Platform: android

Remove the TV Browser application from all Android devices:

adb uninstall com.altamirano.fabricio.tvbrowser

Disable JavaScript in app settings

Platform: android

If the app must remain installed, disable JavaScript execution in the app's settings.

🧯 If You Can't Patch

  • Network segmentation to isolate affected devices
  • Implement application whitelisting to prevent unauthorized app execution

🔍 How to Verify

Check if Vulnerable:

Check app version in Android Settings > Apps > TV Browser > App info

Check Version:

adb shell dumpsys package com.altamirano.fabricio.tvbrowser | grep versionName

Verify Fix Applied:

Verify that the app is uninstalled or updated to a version above 4.5.1.
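The version check above can be scripted so that fleet-wide results are consistent. The following POSIX sh script is an added example and not part of this advisory: it parses the `versionName` line from `adb shell dumpsys package com.altamirano.fabricio.tvbrowser` output, compares it numerically against 4.5.1 (the last affected version stated above), and reports `vulnerable`, `patched` or `not_installed`. The dumpsys fragments embedded in the script are constructed for offline testing; the `--live` flag (an assumption of this example) runs the same logic against a connected device.

```shell
#!/bin/sh
# Added example (not from the advisory): classify an installed TV Browser
# build as vulnerable/patched from `adb shell dumpsys package` output.
# Affected range per the advisory: versions through 4.5.1.

PKG="com.altamirano.fabricio.tvbrowser"
LAST_AFFECTED="4.5.1"

# Print the first versionName value found in dumpsys text read from stdin.
extract_version() {
  sed -n 's/^[[:space:]]*versionName=\([0-9][0-9.]*\).*/\1/p' | head -n 1
}

# Compare two dotted versions numerically (not lexically, so 4.10 > 4.9).
# Prints 1 if $1 > $2, 0 if equal, -1 if $1 < $2. Missing components count as 0.
version_cmp() {
  awk -v a="$1" -v b="$2" 'BEGIN {
    na = split(a, A, "."); nb = split(b, B, ".")
    n = (na > nb) ? na : nb
    for (i = 1; i <= n; i++) {
      x = (i <= na) ? A[i] + 0 : 0
      y = (i <= nb) ? B[i] + 0 : 0
      if (x > y) { print 1; exit }
      if (x < y) { print -1; exit }
    }
    print 0
  }'
}

# Read dumpsys output from stdin and print exactly one verdict line:
#   not_installed | vulnerable <version> | patched <version>
assess() {
  ver=$(extract_version)
  if [ -z "$ver" ]; then
    echo "not_installed"
  elif [ "$(version_cmp "$ver" "$LAST_AFFECTED")" -le 0 ]; then
    echo "vulnerable $ver"
  else
    echo "patched $ver"
  fi
}

# Live check against a connected device; requires adb on PATH.
check_device() {
  adb shell dumpsys package "$PKG" | assess
}

# Constructed sample dumpsys fragments (shape mirrors real dumpsys output).
SAMPLE_VULN="Package [$PKG] (1a2b3c):
    versionCode=451 minSdk=21 targetSdk=33
    versionName=4.5.1
    splits=[base]"
SAMPLE_FIXED="Package [$PKG] (1a2b3c):
    versionCode=460 minSdk=21 targetSdk=33
    versionName=4.6.0"
SAMPLE_NONE="Unable to find package: $PKG"

if [ "${1:-}" = "--live" ]; then
  check_device
else
  printf '%s\n' "$SAMPLE_VULN" | assess    # vulnerable 4.5.1
  printf '%s\n' "$SAMPLE_FIXED" | assess   # patched 4.6.0
  printf '%s\n' "$SAMPLE_NONE" | assess    # not_installed
fi
```

Because the advisory lists no patched version, the script treats anything numerically above 4.5.1 as patched; revisit `LAST_AFFECTED` once a vendor fix version is published.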

📡 Detection & Monitoring

Log Indicators:

  • Unusual JavaScript execution in app logs
  • Intent-based attacks targeting MainActivity

Network Indicators:

  • Suspicious JavaScript payloads in network traffic
  • Unexpected app communication

SIEM Query:

app_name:"TV Browser" AND (event_type:"code_execution" OR js_execution:true)
