CVE-2023-21230

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2023
Updated: Aug 18, 2023
CWE ID 754

Summary

CVE-2023-21230 is a vulnerability affecting the Wi-Fi access point change functionality in AccessPointPreference.java. The issue lies in a precondition check failure in the 'onAccessPointChanged' method, which allows unprivileged apps to receive broadcasts about Wi-Fi access point changes, including the BSSID or SSID. This disclosure of local information occurs without the need for additional execution privileges or user interaction.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share