CVE-2023-21365

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published Oct 30, 2023
Updated: Nov 2, 2023

Summary

CVE-2023-21365 is a vulnerability affecting the Contacts app. This issue results in a potential crash loop due to resource exhaustion, leading to a local denial of service in the Phone app. Notably, this vulnerability requires User execution privileges to exploit, making it a significant concern for affected systems. Despite requiring user interaction, the exploitation process can occur without the user's knowledge, potentially causing disruption to the Phone app.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share