CVE-2023-21197

2023-06-2800:00:00

google_android

www.cve.org

android

btm_acl_process_sca_cmpl_pkt

out of bounds read

information disclosure

no user interaction

remote exploitation

AI Score

7.3

Confidence

High

EPSS

0.001

Percentile

40.8%

JSON

In btm_acl_process_sca_cmpl_pkt of btm_acl.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251427561

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Android",
    "versions": [
      {
        "version": "Android-13",
        "status": "affected"
      }
    ]
  }
]

References

source.android.com/security/bulletin/pixel/2023-06-01