CVE-2023-21280

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2023

Updated: Aug 21, 2023

CWE ID 400

Summary

CVE-2023-21280 is a vulnerability affecting the setMediaButtonBroadcastReceiver function in MediaSessionRecord.java. This issue presents a potential Denial of Service (DoS) risk, as it allows for resource exhaustion, leading to permanent denial of service. Notably, no additional execution privileges or user interaction are required for exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sQWLqN
https://www.cve.org/CVERecord?id=CVE-2023-21280
https://nvd.nist.gov/vuln/detail/CVE-2023-21280

Back to Vulnerability Database