VDB
CVE-2023-4211
CVE-2023-4211
PUBLISHED
KEV
CVSS 9.300000190734863 CRITICAL
In Google Android existieren mehrere Schwachstellen. Diese bestehen in den Komponenten "Framework", "System", "Google Play System Updates", "ARM components", "MediaTek components", "Unisoc components", "Qualcomm components" sowie"Qualcomm closed-source components". Ein Angreifer kann diese Schwachstellen ausnutzen, um seine Privilegien zu erweitern, beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
EPSS 0.20% · 41.6th percentile
Risk Scores
CVSS 4.0
9.300000190734863
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS Score
0.20%
41.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Google Android 12 | ||
| Google Android 11 | ||
| Google Android 13 | ||
| Google Android 12L |
Timeline
- Sep 18, 2023 VulnCheck KEV Exploitation
- Oct 1, 2023 CVE Published
- Oct 2, 2023 VulnCheck KEV Exploitation
- Oct 2, 2023 PoC Published
- Oct 2, 2023 EPSS Score
- Oct 3, 2023 CISA KEV Added
- Oct 3, 2023 PoC Published
- Oct 5, 2023 EPSS Score
- Oct 5, 2023 PoC Published
- Dec 4, 2023 EPSS Score
- Jan 5, 2024 EPSS Score
- Feb 2, 2024 VulnCheck KEV Exploitation
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2548.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2548 advisory
- https://source.android.com/docs/security/bulletin/2023-10-01 advisory
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2841.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2841 advisory
- https://www.cisa.gov/news-events/alerts/2023/12/05/cisa-adds-four-known-exploited-vulnerabilities-catalog exploit
- https://security.samsungmobile.com/securityUpdate.smsb advisory