Описание
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Ссылки
- Mailing ListPatch
- PatchThird Party Advisory
- Mailing ListPatch
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00016
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-203
Связанные уязвимости
CVSS3: 6.5
github
около 2 лет назад
In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to bypass signature validation due to side channel information disclosure. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS
Процентиль: 3%
0.00016
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-203