CVE-2023-33912

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 7, 2023

Updated: Aug 10, 2023

CWE ID 862

Summary

CVE-2023-33912 is a vulnerability affecting the Contacts service. The issue involves a missing permission check, which could potentially allow unauthorized access to local information without the need for additional execution privileges. This flaw might expose sensitive contact details to potential attackers, posing a risk to user privacy. The vulnerability should be addressed promptly to prevent potential data breaches. Users are encouraged to install patches or updates as soon as they become available to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sOYsxd
https://www.cve.org/CVERecord?id=CVE-2023-33912
https://nvd.nist.gov/vuln/detail/CVE-2023-33912

Back to Vulnerability Database