Lucene search
Google_androidVULNRICHMENT:CVE-2023-21237HistoryJun 28, 2023 - 12:00 a.m.
CVE-2023-21237
2023-06-2800:00:00
google_android
github.com
4
notificationcontentinflater
android-13
local info disclosure
AI Score
6.3
Confidence
High
EPSS
0.039
Percentile
92.2%
SSVC
Exploitation
active
Automatable
no
Technical Impact
partial
In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251586912
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*"
],
"vendor": "google",
"product": "android",
"versions": [
{
"status": "affected",
"version": "13.0"
}
],
"defaultStatus": "unknown"
}
]Related
cisa_kev
cisa_kev
Android Pixel Information Disclosure Vulnerability
2024-03-05 00:00:00
attackerkb
attackerkb
CVE-2023-21237
2023-06-28 00:00:00
nvd
nvd
CVE-2023-21237
2023-06-28 18:15:16
prion
prion
Design/Logic Flaw
2023-06-28 18:15:00
cve
cve
CVE-2023-21237
2023-06-28 18:15:16
cvelist
cvelist
CVE-2023-21237
2023-06-28 00:00:00
thn
thn
Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws
2024-03-06 05:54:00
AI Score
6.3
Confidence
High
EPSS
0.039
Percentile
92.2%
SSVC
Exploitation
active
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-21237