CVE-2023-2625

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Jun 28, 2023

Updated: Jul 6, 2023

CWE ID 863

Summary

CVE-2023-21151 is a critical vulnerability affecting the Google BMS kernel module in the Android operating system. It involves a heap buffer overflow, which could result in an out-of-bounds write and allow a local attacker to escalate privileges, gaining System execution privileges without user interaction. This issue, identified as A-265144314, impacts the Android kernel and requires immediate attention from device manufacturers and users to apply relevant patches to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Arcserve Unified Data Protection

Affected Vendors

Arcserve (USA) LLC

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/rzhx0H
https://www.cve.org/CVERecord?id=CVE-2023-2625
https://nvd.nist.gov/vuln/detail/CVE-2023-2625

Back to Vulnerability Database