CVE-2023-20775

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Jul 4, 2023

Updated: Jul 10, 2023

CWE ID 787

Summary

CVE-2023-20775 is a newly disclosed vulnerability affecting the display component. The issue stems from a missing bounds check, which creates an opportunity for an out-of-bounds write. Successful exploitation of this vulnerability could lead to local privilege escalation, granting System execution privileges. Notably, user interaction is not required for an attacker to exploit this weakness. The affected software has been patched with Patch ID ALPS07978760 and Issue ID ALPS07363410.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android
OpenWRT

Affected Vendors

Google
OpenWrt

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r3MIZv
https://www.cve.org/CVERecord?id=CVE-2023-20775
https://nvd.nist.gov/vuln/detail/CVE-2023-20775

Back to Vulnerability Database