CVE-2023-21230
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Published Aug 14, 2023
Updated: Aug 18, 2023
CWE ID 754
Summary
CVE-2023-21230 is a vulnerability affecting the Wi-Fi access point change functionality in AccessPointPreference.java. The issue lies in a precondition check failure in the 'onAccessPointChanged' method, which allows unprivileged apps to receive broadcasts about Wi-Fi access point changes, including the BSSID or SSID. This disclosure of local information occurs without the need for additional execution privileges or user interaction.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android