CVE-2023-21268

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Aug 14, 2023
Updated: Nov 15, 2023
CWE ID 22

Summary

CVE-2023-21268 is a newly discovered path traversal vulnerability affecting MmsProvider.java. This issue allows an attacker to manipulate directory permissions, causing local denial of service to the SIM recognition feature. Notably, no additional execution privileges or user interaction are required for exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share