CVE-2023-26309

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 10, 2023

Updated: Aug 15, 2023

Summary

CVE-2023-26309 is a critical remote code execution vulnerability discovered in the webview component of the OnePlus Store app. Maliciously crafted web content can exploit this weakness, allowing an attacker to execute arbitrary code on an affected device. Successful exploitation could lead to unauthorized access, data theft, or even complete system takeover. This issue poses a significant risk to users and highlights the importance of keeping apps updated to protect against known vulnerabilities.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/sSaASj
https://www.cve.org/CVERecord?id=CVE-2023-26309
https://nvd.nist.gov/vuln/detail/CVE-2023-26309

Back to Vulnerability Database

CVE-2023-26309

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations