CVE-2023-42722

CVSS 3.1 Score 6.7 of 10 (medium)

Details

Published Dec 4, 2023

Updated: Dec 7, 2023

CWE ID 416

Summary

CVE-2023-42722 is a newly disclosed vulnerability affecting the camera service. A logic error in the service allows for a possible use-after-free condition, granting an attacker the ability to escalate their privileges locally. Successful exploitation requires System execution privileges, posing a significant risk to affected systems.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/srAQ7a
https://www.cve.org/CVERecord?id=CVE-2023-42722
https://nvd.nist.gov/vuln/detail/CVE-2023-42722

Back to Vulnerability Database