Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistGoogle_androidCVELIST:CVE-2023-21250
HistoryJul 12, 2023 - 11:32 p.m.

CVE-2023-21250

2023-07-1223:32:01
google_android
www.cve.org
out of bounds write
gatt_end_operation
gatt_utils.cc
remote code execution
missing bounds check
exploitation

9.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.7%

JSON

In gatt_end_operation of gatt_utils.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

CNA Affected

[
  {
    "defaultStatus": "unaffected",
    "product": "Android",
    "vendor": "Google",
    "versions": [
      {
        "status": "affected",
        "version": "13"
      },
      {
        "status": "affected",
        "version": "12L"
      },
      {
        "status": "affected",
        "version": "12"
      },
      {
        "status": "affected",
        "version": "11"
      }
    ]
  }
]

Related

prion 1
nvd 1
cve 1
osv 1
malwarebytes 1
thn 1
prion
prion
Out-of-bounds
2023-07-13 00:15:00
nvd
nvd
CVE-2023-21250
2023-07-13 00:15:23
cve
cve
CVE-2023-21250
2023-07-13 00:15:23
osv
osv
[ESS-CWE-121] - [WearOS] NCC-E005047-NNW - Stack Buffer Overwrite in gatt_end_operation
2023-07-01 00:00:00
malwarebytes
malwarebytes
Update Android now! Google patches three actively exploited zero-days
2023-07-06 01:00:00
thn
thn
Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities
2023-07-07 07:24:00

9.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.7%

JSON
Related for CVELIST:CVE-2023-21250
prion1nvd1cve1osv1malwarebytes1thn1