CVE-2023-42696

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Dec 4, 2023

Updated: Dec 7, 2023

CWE ID 862

Summary

CVE-2023-42696 is a vulnerability affecting telecom services. It involves a missing permission check, allowing an attacker to gain local escalation of privilege without the need for additional execution privileges. This issue could potentially be exploited to elevate access levels within the telecom system, posing a security risk. The specifics of the vulnerability are under investigation, but it is recommended that telecom service providers apply relevant patches or mitigations to protect against potential exploitation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/srAC6a
https://www.cve.org/CVERecord?id=CVE-2023-42696
https://nvd.nist.gov/vuln/detail/CVE-2023-42696

Back to Vulnerability Database