CVE-2023-21211

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jun 28, 2023

Updated: Jul 6, 2023

CWE ID 125

Summary

CVE-2023-21211 is a newly identified vulnerability affecting multiple files in the Android operating system. This issue involves a heap buffer overflow, which can result in an out-of-bounds read. The consequences of this vulnerability include local information disclosure, meaning sensitive data can be accessed without requiring additional execution privileges. Notably, user interaction is not necessary for an attacker to exploit this vulnerability on an Android-13 system, which holds the ID A-262235998.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/roKm4V
https://www.cve.org/CVERecord?id=CVE-2023-21211
https://nvd.nist.gov/vuln/detail/CVE-2023-21211

Back to Vulnerability Database