CVE-2023-3612 (GCVE-0-2023-3612)

Vulnerability from cvelistv5 – Published: 2023-09-11 09:04 – Updated: 2024-09-26 14:32
VLAI?
Title
Unprotected WebView access in Govee Home App
Summary
Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content.
Severity ?
8.2 (High)
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
CWE
  • CWE-749 - Exposed Dangerous Method or Function
Assigner
References
Impacted products
Vendor Product Version
Govee Govee Home Affected: 5.7.03 , < 5.8.01 (custom)
Create a notification for this product.
Credits
Jan Adamski (johnny1337.pl; jan.adamski@nask.pl)
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:01:57.140Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-3612",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-26T14:32:16.829725Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-26T14:32:25.277Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Android",
            "iOS"
          ],
          "product": "Govee Home",
          "vendor": "Govee",
          "versions": [
            {
              "lessThan": "5.8.01",
              "status": "affected",
              "version": "5.7.03",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Jan Adamski (johnny1337.pl; jan.adamski@nask.pl)"
        }
      ],
      "datePublic": "2023-09-11T10:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Govee Home app has unprotected access to WebView component which can be opened by any app on\u0026nbsp;the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\u0026nbsp;steal sensitive user data by displaying phishing content. "
            }
          ],
          "value": "Govee Home app has unprotected access to WebView component which can be opened by any app on\u00a0the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\u00a0steal sensitive user data by displaying phishing content. "
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-98",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-98 Phishing"
            }
          ]
        },
        {
          "capecId": "CAPEC-19",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-19 Embedding Scripts within Scripts"
            }
          ]
        },
        {
          "capecId": "CAPEC-22",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-22 Exploiting Trust in Client"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-749",
              "description": "CWE-749 Exposed Dangerous Method or Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-13T06:17:09.814Z",
        "orgId": "bc375322-d3d7-4481-b261-e29662236cfd",
        "shortName": "SK-CERT"
      },
      "references": [
        {
          "url": "https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update to version 5.8.01 (released on 17.08.2023) or latest"
            }
          ],
          "value": "Update to version 5.8.01 (released on 17.08.2023) or latest"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "timeline": [
        {
          "lang": "en",
          "time": "2023-07-10T11:00:00.000Z",
          "value": "Received information about vulnerability from a security researcher - Jan Adamski (johnny1337.pl; jan.adamski@nask.pl)"
        },
        {
          "lang": "en",
          "time": "2023-07-11T11:39:00.000Z",
          "value": "Initial notification of the vendor"
        },
        {
          "lang": "en",
          "time": "2023-08-03T13:25:00.000Z",
          "value": "Vendor confirmed the receipt of vulnerability report"
        },
        {
          "lang": "en",
          "time": "2023-08-10T13:25:00.000Z",
          "value": "Vendor informed about security update being released on 17.08.2023"
        },
        {
          "lang": "en",
          "time": "2023-08-17T00:00:00.000Z",
          "value": "Updated version of the application released"
        }
      ],
      "title": "Unprotected WebView access in Govee Home App",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bc375322-d3d7-4481-b261-e29662236cfd",
    "assignerShortName": "SK-CERT",
    "cveId": "CVE-2023-3612",
    "datePublished": "2023-09-11T09:04:09.924Z",
    "dateReserved": "2023-07-11T06:15:11.185Z",
    "dateUpdated": "2024-09-26T14:32:25.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:govee:home:*:*:*:*:*:android:*:*\", \"versionEndExcluding\": \"5.8.01\", \"matchCriteriaId\": \"A620D3FC-BFD8-4142-B655-C1115D8871FF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:govee:home:*:*:*:*:*:iphone_os:*:*\", \"versionEndExcluding\": \"5.8.01\", \"matchCriteriaId\": \"C81C8BA3-1AE7-4FC3-B52A-273210034903\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Govee Home app has unprotected access to WebView component which can be opened by any app on\\u00a0the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\\u00a0steal sensitive user data by displaying phishing content. \"}, {\"lang\": \"es\", \"value\": \"La aplicaci\\u00f3n Govee Home tiene acceso desprotegido al componente WebView que puede abrir cualquier aplicaci\\u00f3n en el dispositivo. Al enviar una URL a un sitio manipulado, el atacante puede ejecutar JavaScript en el contexto de WebView o robar datos confidenciales del usuario mostrando contenido de phishing.\"}]",
      "id": "CVE-2023-3612",
      "lastModified": "2024-11-21T08:17:40.140",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"incident@nbu.gov.sk\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 4.7}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 5.9}]}",
      "published": "2023-09-11T10:15:07.603",
      "references": "[{\"url\": \"https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10\", \"source\": \"incident@nbu.gov.sk\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}]",
      "sourceIdentifier": "incident@nbu.gov.sk",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"incident@nbu.gov.sk\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-749\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-3612\",\"sourceIdentifier\":\"incident@nbu.gov.sk\",\"published\":\"2023-09-11T10:15:07.603\",\"lastModified\":\"2024-11-21T08:17:40.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Govee Home app has unprotected access to WebView component which can be opened by any app on\u00a0the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\u00a0steal sensitive user data by displaying phishing content. \"},{\"lang\":\"es\",\"value\":\"La aplicaci\u00f3n Govee Home tiene acceso desprotegido al componente WebView que puede abrir cualquier aplicaci\u00f3n en el dispositivo. Al enviar una URL a un sitio manipulado, el atacante puede ejecutar JavaScript en el contexto de WebView o robar datos confidenciales del usuario mostrando contenido de phishing.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"incident@nbu.gov.sk\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":4.7},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"incident@nbu.gov.sk\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-749\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:govee:home:*:*:*:*:*:android:*:*\",\"versionEndExcluding\":\"5.8.01\",\"matchCriteriaId\":\"A620D3FC-BFD8-4142-B655-C1115D8871FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:govee:home:*:*:*:*:*:iphone_os:*:*\",\"versionEndExcluding\":\"5.8.01\",\"matchCriteriaId\":\"C81C8BA3-1AE7-4FC3-B52A-273210034903\"}]}]}],\"references\":[{\"url\":\"https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10\",\"source\":\"incident@nbu.gov.sk\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T07:01:57.140Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-3612\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-26T14:32:16.829725Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-26T14:32:21.404Z\"}}], \"cna\": {\"title\": \"Unprotected WebView access in Govee Home App\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Jan Adamski (johnny1337.pl; jan.adamski@nask.pl)\"}], \"impacts\": [{\"capecId\": \"CAPEC-98\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-98 Phishing\"}]}, {\"capecId\": \"CAPEC-19\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-19 Embedding Scripts within Scripts\"}]}, {\"capecId\": \"CAPEC-22\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-22 Exploiting Trust in Client\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Govee\", \"product\": \"Govee Home\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.7.03\", \"lessThan\": \"5.8.01\", \"versionType\": \"custom\"}], \"platforms\": [\"Android\", \"iOS\"], \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2023-07-10T11:00:00.000Z\", \"value\": \"Received information about vulnerability from a security researcher - Jan Adamski (johnny1337.pl; jan.adamski@nask.pl)\"}, {\"lang\": \"en\", \"time\": \"2023-07-11T11:39:00.000Z\", \"value\": \"Initial notification of the vendor\"}, {\"lang\": \"en\", \"time\": \"2023-08-03T13:25:00.000Z\", \"value\": \"Vendor confirmed the receipt of vulnerability report\"}, {\"lang\": \"en\", \"time\": \"2023-08-10T13:25:00.000Z\", \"value\": \"Vendor informed about security update being released on 17.08.2023\"}, {\"lang\": \"en\", \"time\": \"2023-08-17T00:00:00.000Z\", \"value\": \"Updated version of the application released\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update to version 5.8.01 (released on 17.08.2023) or latest\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update to version 5.8.01 (released on 17.08.2023) or latest\", \"base64\": false}]}], \"datePublic\": \"2023-09-11T10:30:00.000Z\", \"references\": [{\"url\": \"https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Govee Home app has unprotected access to WebView component which can be opened by any app on\\u00a0the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\\u00a0steal sensitive user data by displaying phishing content. \", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Govee Home app has unprotected access to WebView component which can be opened by any app on\u0026nbsp;the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or\u0026nbsp;steal sensitive user data by displaying phishing content. \", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-749\", \"description\": \"CWE-749 Exposed Dangerous Method or Function\"}]}], \"providerMetadata\": {\"orgId\": \"bc375322-d3d7-4481-b261-e29662236cfd\", \"shortName\": \"SK-CERT\", \"dateUpdated\": \"2023-09-13T06:17:09.814Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2023-3612\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-26T14:32:25.277Z\", \"dateReserved\": \"2023-07-11T06:15:11.185Z\", \"assignerOrgId\": \"bc375322-d3d7-4481-b261-e29662236cfd\", \"datePublished\": \"2023-09-11T09:04:09.924Z\", \"assignerShortName\": \"SK-CERT\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.