CVE-2023-21282

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Aug 14, 2023

Updated: Aug 21, 2023

CWE ID 787

Summary

CVE-2023-21282 is a vulnerability affecting the TRANSPOSER_SETTINGS section in lpp_tran.h. The issue involves an incorrect bounds check that may result in a possible out-of-bounds write. An attacker who successfully exploits this vulnerability can execute remote code, but additional execution privileges are not required. User interaction is necessary for the exploitation to occur.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sQWGjO
https://www.cve.org/CVERecord?id=CVE-2023-21282
https://nvd.nist.gov/vuln/detail/CVE-2023-21282

Back to Vulnerability Database