CVE-2023-47882

CVSS 3.1 Score 7.1 of 10 (high)

Details

Published Dec 27, 2023
Updated: Jan 9, 2024

Summary

CVE-2023-47882 refers to a vulnerability in the Kami Vision YI IoT com.yunyi.smartcamera application for Android. This issue enables remote attackers to execute arbitrary JavaScript code through an implicit intent to the com.ants360.yicamera.activity.WebViewActivity component, which is present in versions up to 4.1.9_20231127. The vulnerability poses a significant risk as attackers can exploit it to launch malicious attacks, potentially leading to unauthorized access or data theft. Users are strongly advised to update their applications to the latest version to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share