CVE-2023-48418

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Jan 2, 2024
Updated: Jan 10, 2024
CWE ID 269

Summary

CVE-2023-48418 is a vulnerability affecting the checkDebuggingDisallowed function in DeviceVersionFragment.java. This issue allows an attacker to potentially access adb (Android Debug Bridge) before the Secure User Wireless (SUW) completion, by exploiting an insecure default value. Successful exploitation could result in local privilege escalation, requiring no additional execution privileges and no user interaction.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share