Known Vulnerabilities for Coloros by Oppo
Listed below are 5 of the newest known vulnerabilities associated with "Coloros" by "Oppo".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-22070 json | ColorOS Assistant has an unauthenticated start-download channel, leading to file path traversal. | Not Provided | 2026-04-30 | 2026-04-30 |
| CVE-2023-26310 json | There is a command injection problem in the old version of the mobile phone backup app. | 9.8 - CRITICAL | 2023-08-09 | 2023-08-14 |
| CVE-2021-23246 json | In ACE2 ColorOS11, the attacker can obtain the foreground package name through permission promotion, resulting in user inform... | 7.5 - HIGH | 2022-03-11 | 2022-03-18 |
| CVE-2021-23244 json | ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some a... | 7.8 - HIGH | 2021-12-27 | 2022-07-12 |
| CVE-2020-11829 json | Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codeb... | 9.8 - CRITICAL | 2020-11-19 | 2021-07-21 |
| CVE-2020-11828 json | In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surface... | 7.5 - HIGH | 2020-04-21 | 2021-07-21 |