CVE-2023-30923

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 12, 2023

Updated: Jul 19, 2023

CWE ID 862

Summary

CVE-2023-30923 is a vulnerability affecting a messaging service where a missing permission check exists. An attacker can exploit this issue to disclose local information without requiring any additional execution privileges. This oversight in access control could potentially lead to sensitive data being exposed. The impact of this vulnerability is significant as it allows unauthorized access to information that was intended to be protected. It is recommended that affected organizations apply the necessary patches or updates to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9sDIz
https://www.cve.org/CVERecord?id=CVE-2023-30923
https://nvd.nist.gov/vuln/detail/CVE-2023-30923

Back to Vulnerability Database