{
    "dataType": "CVE_RECORD",
    "dataVersion": "5.1",
    "cveMetadata": {
        "state": "PUBLISHED",
        "cveId": "CVE-2023-38301",
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "dateUpdated": "2024-08-02T17:39:12.904Z",
        "dateReserved": "2023-07-14T00:00:00",
        "datePublished": "2024-04-22T00:00:00"
    },
    "containers": {
        "cna": {
            "providerMetadata": {
                "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
                "shortName": "mitre",
                "dateUpdated": "2024-04-22T14:55:30.251272"
            },
            "descriptions": [
                {
                    "lang": "en",
                    "value": "An issue was discovered in a third-party component related to vendor.gsm.serial, shipped on devices from multiple device manufacturers. Various software builds for the BLU View 2, Boost Mobile Celero 5G, Sharp Rouvo V, Motorola Moto G Pure, Motorola Moto G Power, T-Mobile Revvl 6 Pro 5G, and T-Mobile Revvl V+ 5G devices leak the device serial number to a system property that can be accessed by any local app on the device without any permissions or special privileges. Google restricted third-party apps from directly obtaining non-resettable device identifiers in Android 10 and higher, but in these instances they are leaked by a high-privilege process and can be obtained indirectly. The software build fingerprints for each confirmed vulnerable device are as follows: BLU View 2 (BLU/B131DL/B130DL:11/RP1A.200720.011/1672046950:user/release-keys); Boost Mobile Celero 5G (Celero5G/Jupiter/Jupiter:11/RP1A.200720.011/SW_S98119AA1_V067:user/release-keys); Sharp Rouvo V (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys); Motorola Moto G Pure (motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-2/74844:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-7/5cde8:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-10/d67faa:user/release-keys, motorola/ellis_trac/ellis:11/RRHS31.Q3-46-110-13/b4a29:user/release-keys, motorola/ellis_trac/ellis:12/S3RH32.20-42-10/1c2540:user/release-keys, motorola/ellis_trac/ellis:12/S3RHS32.20-42-13-2-1/6368dd:user/release-keys, motorola/ellis_a/ellis:11/RRH31.Q3-46-50-2/20fec:user/release-keys, motorola/ellis_vzw/ellis:11/RRH31.Q3-46-138/103bd:user/release-keys, motorola/ellis_vzw/ellis:11/RRHS31.Q3-46-138-2/e5502:user/release-keys, and motorola/ellis_vzw/ellis:12/S3RHS32.20-42-10-14-2/5e0b0:user/release-keys); Motorola Moto G Power (motorola/tonga_g/tonga:11/RRQ31.Q3-68-16-2/e5877:user/release-keys and motorola/tonga_g/tonga:12/S3RQS32.20-42-10-6/f876d3:user/release-keys); T-Mobile Revvl 6 Pro 5G (T-Mobile/Augusta/Augusta:12/SP1A.210812.016/SW_S98121AA1_V070:user/release-keys); and T-Mobile Revvl V+ 5G (T-Mobile/Sprout/Sprout:11/RP1A.200720.011/SW_S98115AA1_V077:user/release-keys). This malicious app reads from the \"vendor.gsm.serial\" system property to indirectly obtain the device serial number."
                }
            ],
            "affected": [
                {
                    "vendor": "n/a",
                    "product": "n/a",
                    "versions": [
                        {
                            "version": "n/a",
                            "status": "affected"
                        }
                    ]
                }
            ],
            "references": [
                {
                    "url": "https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ryan%20Johnson%20Mohamed%20Elsabagh%20Angelos%20Stavrou%20-%20Still%20Vulnerable%20Out%20of%20the%20Box%20Revisiting%20the%20Security%20of%20Prepaid%20Android%20Carrier%20Devices.pdf"
                }
            ],
            "problemTypes": [
                {
                    "descriptions": [
                        {
                            "type": "text",
                            "lang": "en",
                            "description": "n/a"
                        }
                    ]
                }
            ]
        },
        "adp": [
            {
                "title": "CISA ADP Vulnrichment",
                "metrics": [
                    {
                        "cvssV3_1": {
                            "scope": "UNCHANGED",
                            "version": "3.1",
                            "baseScore": 3.4,
                            "attackVector": "LOCAL",
                            "baseSeverity": "LOW",
                            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
                            "integrityImpact": "LOW",
                            "userInteraction": "NONE",
                            "attackComplexity": "LOW",
                            "availabilityImpact": "NONE",
                            "privilegesRequired": "HIGH",
                            "confidentialityImpact": "LOW"
                        }
                    },
                    {
                        "other": {
                            "type": "ssvc",
                            "content": {
                                "id": "CVE-2023-38301",
                                "role": "CISA Coordinator",
                                "options": [
                                    {
                                        "Exploitation": "none"
                                    },
                                    {
                                        "Automatable": "no"
                                    },
                                    {
                                        "Technical Impact": "partial"
                                    }
                                ],
                                "version": "2.0.3",
                                "timestamp": "2024-04-22T19:32:08.922600Z"
                            }
                        }
                    }
                ],
                "affected": [
                    {
                        "cpes": [
                            "cpe:2.3:h:verizon:sharp_rouvo_v:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "verizon",
                        "product": "sharp_rouvo_v",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "-"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:h:tracfone:blu_view_2:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "tracfone",
                        "product": "blu_view_2",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "-"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:h:boost_mobile:celero_5g:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "boost_mobile",
                        "product": "celero_5g",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "-"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:h:motorola:moto_g_pure:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "motorola",
                        "product": "moto_g_pure",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "-"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:h:motorola:moto_g_power:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "motorola",
                        "product": "moto_g_power",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "-"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:h:t-mobile:revvl_6_pro_5g:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "t-mobile",
                        "product": "revvl_6_pro_5g",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "-"
                            }
                        ],
                        "defaultStatus": "unknown"
                    },
                    {
                        "cpes": [
                            "cpe:2.3:h:t-mobile:revvl_v\\+_5g:-:*:*:*:*:*:*:*"
                        ],
                        "vendor": "t-mobile",
                        "product": "revvl_v\\+_5g",
                        "versions": [
                            {
                                "status": "unknown",
                                "version": "-"
                            }
                        ],
                        "defaultStatus": "unknown"
                    }
                ],
                "problemTypes": [
                    {
                        "descriptions": [
                            {
                                "lang": "en",
                                "type": "CWE",
                                "cweId": "CWE-200",
                                "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor"
                            }
                        ]
                    }
                ],
                "providerMetadata": {
                    "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
                    "shortName": "CISA-ADP",
                    "dateUpdated": "2024-06-04T17:28:16.831Z"
                }
            },
            {
                "providerMetadata": {
                    "orgId": "af854a3a-2127-422b-91ae-364da2661108",
                    "shortName": "CVE",
                    "dateUpdated": "2024-08-02T17:39:12.904Z"
                },
                "title": "CVE Program Container",
                "references": [
                    {
                        "url": "https://media.defcon.org/DEF%20CON%2031/DEF%20CON%2031%20presentations/Ryan%20Johnson%20Mohamed%20Elsabagh%20Angelos%20Stavrou%20-%20Still%20Vulnerable%20Out%20of%20the%20Box%20Revisiting%20the%20Security%20of%20Prepaid%20Android%20Carrier%20Devices.pdf",
                        "tags": [
                            "x_transferred"
                        ]
                    }
                ]
            }
        ]
    }
}