CVE-2023-21273
CVSS 3.1 Score 8.8 of 10 (high)
Details
Published Aug 14, 2023
Updated: Aug 18, 2023
CWE ID 787
Summary
CVE-2023-21273 is a newly identified vulnerability affecting SDP_AddAttribute function in sdp_db.cc. The issue stems from an incorrect bounds check, which creates an opportunity for a possible out-of-bounds write. This vulnerability could allow for remote (proximal or adjacent) code execution without the requirement for additional execution privileges. No user interaction is needed for an attacker to exploit this weakness.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android