CVE-2023-42701

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 4, 2023

Updated: Dec 7, 2023

CWE ID 862

Summary

CVE-2023-42701 is a vulnerability affecting a firewall service where missing permission checks allow an application to write usage records. This issue does not require additional execution privileges and could result in local information disclosure. The vulnerability can potentially be exploited to gain insight into system activities, posing a risk to security and privacy. Organizations using the affected firewall service are advised to apply patches or mitigations as soon as possible.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/sq_9z9
https://www.cve.org/CVERecord?id=CVE-2023-42701
https://nvd.nist.gov/vuln/detail/CVE-2023-42701

Back to Vulnerability Database