Persistent Denial of Service Vulnerability in Yandex Navigator for Android
CVE-2023-29751

5.5MEDIUM

Key Information:

Vendor: Yandex
Status: Navigator
Vendor: CVE Published:; 9 June 2023

What is CVE-2023-29751?

A vulnerability in Yandex Navigator version 6.60 for Android has been identified that allows unauthorized applications to manipulate SharedPreference files. This manipulation can lead to a persistent denial of service, effectively disrupting the normal functioning of the app. Attackers leveraging this flaw can render the application unusable for legitimate users, posing a significant threat to user experience and application reliability.

References

https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-202...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 9, 2023
Vulnerability Reserved
Apr 7, 2023

JSON