CVE-2023-21237
Android Pixel Information Disclosure Vulnerability
CVSS
—
Sin CVSS
EPSS
0.3%
p18
KEV
SÍ
5 mar 2024
Exploit Today
55
0-100
Publicado: — · Última mod.: —
Producto
Android / Pixel
Vulnerabilidad
Android Pixel Information Disclosure Vulnerability
Añadido a KEV
5 mar 2024
Remediar antes de
26 mar 2024
Uso conocido en ransomware
No
Descripción resumida
Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. This could enable a local attacker to disclose sensitive information.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://source.android.com/docs/security/bulletin/pixel/2023-06-01; https://nvd.nist.gov/vuln/detail/CVE-2023-21237