CVE-2023-21175

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jun 28, 2023

Updated: Jun 30, 2023

Summary

CVE-2023-21175 is a vulnerability affecting Android-13 that allows guest users to bypass permissions and enable or disable mobile data in the DataUsageSummary.java file of the system. This issue can result in local privilege escalation without requiring additional execution privileges or user interaction. The product impacted by this vulnerability is Android, and the specific ID is A-262243574.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rpg87C
https://www.cve.org/CVERecord?id=CVE-2023-21175
https://nvd.nist.gov/vuln/detail/CVE-2023-21175

Back to Vulnerability Database