CVE-2023-46139

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Oct 31, 2023

Updated: Nov 14, 2023

CWE ID 863

Summary

CVE-2023-46139 is a vulnerability affecting KernelSU, a kernel-level root solution for Android devices. In versions 0.6.1 and prior to 0.7.0, if a device with KernelSU is infected with malware with a manipulated app signing block, the malware can gain root privileges. The issue arises due to a flawed signature verification logic in KernelSU, which incorrectly identifies signatures based on their location within the block. attackers can exploit this by downgrading or upgrading the signature, leading KernelSU to mistakenly believe it is a certain version, while the actual signature used for APK verification differs. This vulnerability has been addressed in version 0.7.0. Users can mitigate the risk by keeping the KernelSU manager installed and avoiding installation of unknown apps.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2023-46139 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future

Gain complete coverage of your cyber, third party, and physical attack surface
Proactively mitigate threats before they turn into costly attacks
Make fast, effective, data-driven decisions

Book your demo

Sign in

Back to Vulnerability Database