CVE-2023-33900

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Jul 12, 2023

Updated: Jul 18, 2023

CWE ID 862

Summary

CVE-2023-33900 is a vulnerability affecting telephony services where a crucial permission check is missing. This oversight can permit unauthorized access to local information without the need for extra execution privileges. An attacker can potentially exploit this issue and gain insight into confidential data, posing a security risk to the affected system. The vulnerability requires further investigation to assess its potential impact and develop appropriate mitigations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r9re5z
https://www.cve.org/CVERecord?id=CVE-2023-33900
https://nvd.nist.gov/vuln/detail/CVE-2023-33900

Back to Vulnerability Database