CVE-2023-20830

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 7, 2023

CWE ID 787

Summary

CVE-2023-20830 is a vulnerability affecting the gps software that allows for an out-of-bounds write due to a missing bounds check. This issue can result in local privilege escalation, granting the attacker System execution privileges without requiring user interaction. The vulnerability has been assigned patch ID ALPS08014144 and issue ID ALPS08014156. It's important to note that this vulnerability can be exploited without user intervention, making it a significant security concern.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android
OpenWRT

Affected Vendors

Google
OpenWrt
Linux Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sjd_P6
https://www.cve.org/CVERecord?id=CVE-2023-20830
https://nvd.nist.gov/vuln/detail/CVE-2023-20830

Back to Vulnerability Database