Lucene search
Google_androidCVE-2023-20910HistoryMar 24, 2023 - 8:15 p.m.
CVE-2023-20910
2023-03-2420:15:09
CWE-400
google_android
web.nvd.nist.gov
65
cve-2023-20910
wifinetworksuggestionsmanager
dos
resource exhaustion
local denial of service
nvd
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
5.1%
In add of WifiNetworkSuggestionsManager.java, there is a possible way to trigger permanent DoS due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected configurations
Node
googleandroidMatch11.0
ORgoogleandroidMatch12.0
ORgoogleandroidMatch12.1
ORgoogleandroidMatch13.0
CNA Affected
[
{
"defaultStatus": "unaffected",
"product": "Android",
"vendor": "Google",
"versions": [
{
"status": "affected",
"version": "13"
},
{
"status": "affected",
"version": "12L"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "11"
}
]
}
]Related
osv
osv
Permanent denial of service via WifiManager#addNetworkSuggestions
2023-07-01 00:00:00
cvelist
cvelist
CVE-2023-20910
2023-03-24 00:00:00
prion
prion
Code injection
2023-03-24 20:15:00
ubuntucve
ubuntucve
CVE-2023-20910
2023-03-24 00:00:00
nvd
nvd
CVE-2023-20910
2023-03-24 20:15:09
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS
0
Percentile
5.1%
Related for CVE-2023-20910