4 matches found
CVE-2023-40090
In BTMBleVerifySignature of btmble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40090
creationtimestamp| type| source ---|---|--- 2023-12-24 10:11:37+00:00| seen| https://t.me/ctinow/158973...
CVE-2023-40090
In BTMBleVerifySignature of btmble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40090
What’s affected: Google Android platform vulnerability CVE-2023-40090 in the Bluetooth stack, specifically BTM_BleVerifySignature in btm_ble.cc. The issue is described as bypassing signature validation via side-channel information disclosure, enabling remote escalation of privilege with no additi...