CVE-2023-20768

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jul 4, 2023

Updated: Jul 10, 2023

CWE ID 843

Summary

CVE-2023-20768 is a newly identified vulnerability affecting the ion library. This issue involves a potential out-of-bounds read caused by type confusion. If successfully exploited, this vulnerability could result in local privilege escalation, granting the attacker System execution privileges. Importantly, user interaction is not required for exploitation, making it particularly dangerous. A patch with ID ALPS07560720 is available to address this issue. Additionally, it's important to note that issue ID ALPS07559800 has been assigned to this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r3MIaD
https://www.cve.org/CVERecord?id=CVE-2023-20768
https://nvd.nist.gov/vuln/detail/CVE-2023-20768

Back to Vulnerability Database