A remote code execution vulnerability in the webview component of OPPO Store app.
CVE-2023-26311

7.4HIGH

Key Information:

Vendor: Oppo
Status: Oppo Store
Vendor: CVE Published:; 10 August 2023

What is CVE-2023-26311?

The OPPO Store app is susceptible to a remote code execution vulnerability within its webview component, allowing attackers to execute malicious code remotely. This poses significant security risks to users as it could lead to unauthorized access and control over the affected devices. Users are encouraged to stay updated with the latest security patches and follow best practices for app security to mitigate potential threats.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

OPPO Store 1.5.11

References

https://security.oppo.com/en/noticeDetail?notice_only_key...

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Aug 10, 2023
Vulnerability Reserved
Feb 21, 2023

JSON

Oppo