exploitDog

CVE-2023-20977

Опубликовано: 24 мар. 2023

Источник: nvd

CVSS3: 4.4

EPSS Низкий

Описание

In btm_ble_read_remote_features_complete of btm_ble_gap.cc, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445952

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00013

Низкий

4.4 Medium

CVSS3

Дефекты

CWE-125

CWE-125

Связанные уязвимости

GHSA-cmj4-9f9m-cm6v

CVSS3: 4.4

github

почти 3 года назад

In btm_ble_read_remote_features_complete of btm_ble_gap.cc, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if the firmware were compromised with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445952

EPSS

Процентиль: 2%

0.00013

Низкий

4.4 Medium

CVSS3

Дефекты

CWE-125

CWE-125