CVE-2023-20772

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jul 4, 2023

Updated: Jul 10, 2023

CWE ID 862

Summary

CVE-2023-20772 is a vulnerability affecting the vow software. It allows for a privilege escalation attack due to a missing permission check. This flaw enables an attacker to elevate their local privileges without requiring additional execution privileges. Notably, user interaction is not necessary for exploitation. The patch ID for addressing this issue is ALPS07441796.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r3MIZR
https://www.cve.org/CVERecord?id=CVE-2023-20772
https://nvd.nist.gov/vuln/detail/CVE-2023-20772

Back to Vulnerability Database