5 matches found
Google Android elevation of privilege vulnerability (CNVD-2023-69042)
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from a logic error in the code of the isServerCertChainValid module of InsecureEapNetworkHandler.java, which can be exploited by an attacke...
CVE-2023-21242
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21242
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21242
CVE-2023-21242 affects Android’s InsecureEapNetworkHandler.isServerCertChainValid, where a logic error could allow trusting an imposter server. The root cause is in isServerCertChainValid, enabling remote escalation of privilege without additional execution privileges and with no user interaction...
CVE-2023-21242
In isServerCertChainValid of InsecureEapNetworkHandler.java, there is a possible way to trust an imposter server due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...