CVE-2023-21133
CVSS 3.1 Score 6.8 of 10 (medium)
Details
Published Aug 14, 2023
Updated: Aug 24, 2023
CWE ID 862
Summary
CVE-2023-21133 is a vulnerability affecting the ManagePermissionsActivity.java file. In the onCreate method, a missing permission check enables an attacker to bypass factory reset protections with no need for additional execution privileges. This local privilege escalation can be exploited with physical access to the device after a factory reset, without requiring any user interaction.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android