VDB
CVE-2023-40131
CVE-2023-40131
PUBLISHED
CVSS 9.300000190734863 CRITICAL
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
EPSS 0.01% · 2.9th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.01%
2.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Samsung Android 13 | |
| Google Android 12L | ||
| Google Android 13 | ||
| Samsung | Samsung Android 12 | |
| Google Android 12 | ||
| Google Android 11 | ||
| Samsung | Samsung Android 11 |
Timeline
- Oct 3, 2023 CVE Published
- Oct 28, 2023 EPSS Score
- Nov 28, 2023 EPSS Score
- Dec 29, 2023 EPSS Score
- Jan 29, 2024 EPSS Score
- Feb 28, 2024 EPSS Score
- Mar 30, 2024 EPSS Score
- Apr 30, 2024 EPSS Score
- May 31, 2024 EPSS Score
- Jul 1, 2024 EPSS Score
- Aug 1, 2024 EPSS Score
- Sep 1, 2024 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2539.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2539 advisory
- https://security.samsungmobile.com/securityUpdate.smsb advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2548.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2548 advisory
- https://source.android.com/docs/security/bulletin/2023-10-01 advisory