CVE-2023-21383

5.5MEDIUM

Key Information

Vendor: Google
Status: Android
Vendor: CVE Published:; 30 October 2023

Badges

📰 News Worthy

Summary

In Settings, there is a possible way for the user to unintentionally send extra data due to an unclear prompt. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Affected Version(s)

Android = 14

News Articles

GBHackers News

CVE-2024-0017 CVE-2023-21383

Multiple Flaws With Android & Google Pixel Devices Let Attackers Elevate Privileges

Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of users to potential security risks.

4 weeks ago

Refferences

https://source.android.com/docs/security/bulletin/android-14

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

First article discovered by GBHackers News
Nov 26, 2024
Vulnerability published
Oct 30, 2023
Vulnerability Reserved
Nov 3, 2022

Collectors

NVD DatabaseMitre Database1 News Article(s)