CVE-2023-40653

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Oct 8, 2023

Updated: Feb 15, 2024

CWE ID 862

Summary

CVE-2023-40653 is a vulnerability affecting FW-PackageManager that involves a missing permission check. This issue allows an attacker with local access to potentially escalate their privileges, potentially gaining System execution privileges. The flaw in FW-PackageManager's access control may enable unauthorized actions, posing a significant risk for affected systems. It is important for users to install the necessary patches as soon as possible to mitigate this issue and secure their systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sYfdXL
https://www.cve.org/CVERecord?id=CVE-2023-40653
https://nvd.nist.gov/vuln/detail/CVE-2023-40653

Back to Vulnerability Database