CVE-2023-38438

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Sep 4, 2023

Updated: Sep 7, 2023

CWE ID 862

Summary

CVE-2023-38438 is a vulnerability affecting the component "vowifiservice." It involves a missing permission check, resulting in potential local information disclosure. No additional execution privileges are required to exploit this issue. This flaw could pose a risk to system security by allowing unauthorized access to sensitive data within the affected system. Organizations are encouraged to apply the necessary patches to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sCA9XJ
https://www.cve.org/CVERecord?id=CVE-2023-38438
https://nvd.nist.gov/vuln/detail/CVE-2023-38438

Back to Vulnerability Database