VDB

CISA-2023-21173

CISA-2023-21173 PUBLISHED

Reported by google_android · Published June 28, 2023

In multiple methods of DataUsageList.java, there is a possible way to learn about admin user's network activities due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262741858

Affected Products

VendorProductVersions
n/aAndroidAndroid-13
n/aAndroidAndroid-13, Android-13

Timeline

  • Jun 28, 2023 CVE Published
  • Dec 5, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›