CVE-2023-42741

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Dec 4, 2023

Updated: Dec 7, 2023

CWE ID 862

Summary

CVE-2023-42741 is a vulnerability affecting telecom services, allowing an app to potentially write permission usage records without proper checks. This issue can result in local information disclosure, granting unauthorized access to sensitive data without requiring any additional execution privileges. The lack of permission verification in this context poses a risk to the security and privacy of users utilizing the affected telecom service.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/srAC7I
https://www.cve.org/CVERecord?id=CVE-2023-42741
https://nvd.nist.gov/vuln/detail/CVE-2023-42741

Back to Vulnerability Database