CVE-2023-20773

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 4, 2023

Updated: Jul 10, 2023

CWE ID 862

Summary

CVE-2023-20773 is a vulnerability affecting the vow software where a missing permission check allows for an escalation of privilege, enabling local attackers to gain elevated access without requiring additional execution privileges. User interaction is not necessary for exploitation. The issue has been assigned patch ID ALPS07611449 and issue ID ALPS07441735. This vulnerability poses a significant risk and should be addressed promptly by implementing the available patch.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r3MIZ3
https://www.cve.org/CVERecord?id=CVE-2023-20773
https://nvd.nist.gov/vuln/detail/CVE-2023-20773

Back to Vulnerability Database