Information Disclosure Vulnerability in Android Settings
CVE-2023-21383

5.5MEDIUM

Key Information:

Vendor: Google
Status: Android
Vendor: CVE Published:; 30 October 2023

Badges

📰 News Worthy

What is CVE-2023-21383?

A specific weakness exists within the Android Settings that may allow users to inadvertently transmit extra data via ambiguous prompts. This situation could facilitate local information disclosure without requiring additional execution privileges. Exploitation hinges on user interaction, highlighting the importance of awareness and caution when handling data prompts.

Affected Version(s)

Android 14

News Articles

GBHackers News

CVE-2024-0017 CVE-2023-21383

Multiple Flaws With Android & Google Pixel Devices Let Attackers Elevate Privileges

Several high-severity vulnerabilities have been identified in Android and Google Pixel devices, exposing millions of users to potential security risks.

References

https://source.android.com/docs/security/bulletin/android-14

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

📰
First article discovered by GBHackers News
Nov 26, 2024
Vulnerability published
Oct 30, 2023
Vulnerability Reserved
Nov 3, 2022