CVE-2023-35679

2023-09-1120:09:54

google_android

www.cve.org

mtppropertyvalue mtpproperty.h local information disclosure user interaction

5.4 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

16.0%

JSON

In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

CNA Affected

[
  {
    "vendor": "Google",
    "product": "Android",
    "versions": [
      {
        "version": "13",
        "status": "affected"
      },
      {
        "version": "12L",
        "status": "affected"
      },
      {
        "version": "12",
        "status": "affected"
      },
      {
        "version": "11",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]