CVE-2023-21307

CVSS 3.1 Score 5.0 of 10 (medium)

Details

Published Oct 30, 2023
Updated: Nov 6, 2023
CWE ID 287

Summary

CVE-2023-21307 is a vulnerability in Bluetooth that allows a paired Bluetooth device to access a long-term identifier for an Android device by bypassing permissions. This vulnerability can lead to local information disclosure without the need for additional execution privileges, although user interaction is required for exploitation. The affected products include various Android devices. To remediate this vulnerability, it is recommended to update the Android operating system to the latest version available. The potential danger posed by this vulnerability is a high risk of confidential information being disclosed locally on the affected Android devices.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-21307 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options