A remote code execution vulnerability in the webview component of OPPO Store app.
CVE-2023-26311

7.4HIGH

Key Information:

Vendor: Oppo
Status: Oppo Store
Vendor: CVE Published:; 10 August 2023

What is CVE-2023-26311?

The OPPO Store app is susceptible to a remote code execution vulnerability within its webview component, allowing attackers to execute malicious code remotely. This poses significant security risks to users as it could lead to unauthorized access and control over the affected devices. Users are encouraged to stay updated with the latest security patches and follow best practices for app security to mitigate potential threats.

Affected Version(s)

OPPO Store 1.5.11

References

https://security.oppo.com/en/noticeDetail?notice_only_key...

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 10, 2023
Vulnerability Reserved
Feb 21, 2023

CVE-2023-26311 Data

JSON

Oppo

What is CVE-2023-26311?

Affected Version(s)

References

CVSS V3.1

Timeline