CVE-2023-21241

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jul 13, 2023

Updated: Jul 25, 2023

CWE ID 190

Summary

CVE-2023-21241 is a newly identified vulnerability affecting the rw_i93 component. In the function rw_i93_send_to_upper of rw_i93.cc, an integer overflow occurs, resulting in a possible out-of-bounds write. This issue grants a local attacker elevated privileges without the need for additional execution permissions or user interaction.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r4vIaA
https://www.cve.org/CVERecord?id=CVE-2023-21241
https://nvd.nist.gov/vuln/detail/CVE-2023-21241

Back to Vulnerability Database