CVE-2023-38436

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 7, 2023

CWE ID 862

Summary

CVE-2023-38436: A vulnerability was identified in the vowifiservice component. This issue involves a missing permission check, resulting in potential local information disclosure without the need for any additional execution privileges. This could pose a risk to system security and confidentiality. Organizations using this software are advised to apply the necessary patches or workarounds to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sCA9XH
https://www.cve.org/CVERecord?id=CVE-2023-38436
https://nvd.nist.gov/vuln/detail/CVE-2023-38436

Back to Vulnerability Database