Lucene search
Google_DevicesCVELIST:CVE-2023-4164HistoryJan 02, 2024 - 9:20 p.m.
CVE-2023-4164 There is a possible information disclosure due to a missing permission check in Pixel Watch
2024-01-0221:20:15
CWE-200
Google_Devices
www.cve.org
4
cve-2023-4164
missing permission check
local information disclosure
health data
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0
Percentile
5.1%
There is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of health data with no additional execution privileges needed.
CNA Affected
[
{
"defaultStatus": "unaffected",
"platforms": [
"Android"
],
"product": "Pixel Watch",
"vendor": "Google",
"versions": [
{
"status": "unknown",
"version": "v10"
}
]
}
]Related
nvd
nvd
CVE-2023-4164
2024-01-02 22:15:08
prion
prion
Information disclosure
2024-01-02 22:15:00
vulnrichment
vulnrichment
cve
cve
CVE-2023-4164
2024-01-02 22:15:08
androidsecurity
androidsecurity
Pixel Watch Security Bulletin—December 2023
2023-12-11 00:00:00
CVSS3
8.4
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
8.9
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVELIST:CVE-2023-4164