CVE-2023-42555
CVSS 3.1 Score 5.5 of 10 (medium)
Details
Summary
CVE-2023-42555 is a vulnerability affecting EasySetup versions prior to 11.1.13. This issue involves the use of implicit intent for sensitive communication, allowing attackers to obtain the Bluetooth address of a user's device. This vulnerability could potentially enable unauthorized access or information disclosure, making it a significant security concern for users of EasySetup. Attackers can exploit this flaw to gain crucial information needed to carry out further attacks or establish unsecured connections. Users are strongly advised to update to the latest version of EasySetup to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.