CVE-2023-40634

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 8, 2023

Updated: Oct 11, 2023

CWE ID 862

Summary

CVE-2023-40634 is a vulnerability affecting the phasechecksercer component. It involves a missed permission check, which if exploited, allows an attacker to escalate local privileges without requiring additional execution privileges. This could potentially grant unauthorized access to sensitive information or system functions. Organizations using phasechecksercer are advised to apply the necessary patches or updates to mitigate this risk. Failure to do so could result in serious security consequences.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sYemiT
https://www.cve.org/CVERecord?id=CVE-2023-40634
https://nvd.nist.gov/vuln/detail/CVE-2023-40634

Back to Vulnerability Database