CVE-2023-20821

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 7, 2023

CWE ID 787

Summary

CVE-2023-20821 is a vulnerability affecting the nvram component, where a missing bounds check leads to a possible out-of-bounds write. This issue can result in local privilege escalation, granting System execution privileges to an attacker without requiring user interaction. The patch ID for addressing this issue is ALPS07937113.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android
OpenWRT

Affected Vendors

Google
OpenWrt
Linux Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sjehWs
https://www.cve.org/CVERecord?id=CVE-2023-20821
https://nvd.nist.gov/vuln/detail/CVE-2023-20821

Back to Vulnerability Database