CVE-2023-33880

CVSS 3.1 Score 3.3 of 10 (low)

Details

Published Jul 12, 2023

Updated: Jul 20, 2023

CWE ID 862

Summary

CVE-2023-33880 is a vulnerability affecting a music service where a missing permission check has been identified. This issue allows unauthorized access to local information without the need for additional execution privileges. The absence of proper access controls exposes sensitive data to potential attackers. Malicious actors could exploit this vulnerability to gain insights into user accounts or even steal personal information. The service provider is encouraged to address this issue promptly to prevent potential data breaches.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9raBP
https://www.cve.org/CVERecord?id=CVE-2023-33880
https://nvd.nist.gov/vuln/detail/CVE-2023-33880

Back to Vulnerability Database