CVE-2023-36629
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-36629 is a vulnerability affecting the ST54-android-packages-apps-Nfc package before version 130-20230215-23W07p0 for Android. This issue involves an out-of-bounds read, allowing an attacker to potentially read memory outside of the intended bounds and gain unauthorized access to sensitive information. Successful exploitation could result in privacy breaches or even system takeover if the vulnerable memory contains important credentials or other critical data. Users are encouraged to update the affected package as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Affected Vendors
- S&T