CVE-2023-20831

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 7, 2023

CWE ID 787

Summary

CVE-2023-20831 is a newly identified vulnerability affecting the gps software. It involves a missing bounds check that allows for an out-of-bounds write. This issue can result in local privilege escalation, granting the attacker System execution privileges without requiring user interaction. The vulnerability has been assigned patch ID ALPS08014144 and issue ID ALPS08014162. Organizations using the gps software are strongly advised to install the relevant patch to mitigate this security risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android
OpenWRT

Affected Vendors

Google
OpenWrt
Linux Foundation

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sjdlbQ
https://www.cve.org/CVERecord?id=CVE-2023-20831
https://nvd.nist.gov/vuln/detail/CVE-2023-20831

Back to Vulnerability Database