CVE-2023-21342

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 30, 2023

Updated: Nov 7, 2023

Summary

CVE-2023-21342 is a newly identified vulnerability in Speech software. A logic error in the code allows an attacker to bypass the background activity launch mechanism, granting local privilege escalation. Notably, no additional execution privileges or user interaction are required for exploitation. This issue poses a significant risk to systems running the affected Speech software.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/s5L87D
https://www.cve.org/CVERecord?id=CVE-2023-21342
https://nvd.nist.gov/vuln/detail/CVE-2023-21342

Back to Vulnerability Database