CVE-2023-21267

Summary

CVE-2023-21267 is a vulnerability affecting multiple functions in KeyguardViewMediator.java. This issue results in a logic error, enabling a bypass of lockdown mode with screen pinning. The consequence of this vulnerability is local information disclosure, meaning sensitive data can be accessed, without the requirement for additional execution privileges. Distinctively, user interaction is not necessary for an attacker to successfully exploit this weakness.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.