WID-SEC-W-2023-0633 — Vulnetix

WID-SEC-W-2023-0633 PUBLISHED CVSS 8.699999809265137 HIGH

Das Android Betriebssystem von Google ist eine quelloffene Plattform für mobile Geräte. Die Basis bildet der Linux-Kernel.

Risk Scores

CVSS v4.0

8.699999809265137

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

Vendor	Product	Versions
	Google Android AOSP 13

Exploit Intelligence

A lightweight CLI tool to detect and reconstruct cropped images vulnerable to Acropalypse (CVE-2023-21036 and CVE-2023-28303) written in Python. (github-poc-repo)
A lightweight CLI tool to detect and reconstruct cropped images vulnerable to Acropalypse (CVE-2023-21036 and CVE-2023-28303) written in Python. (github-poc)
X-Ways Acropalypse extension detects CVE-2023-21036 in common images (github-poc-repo)
X-Ways Acropalypse extension detects CVE-2023-21036 in common images (github-poc)
Web tool for detecting Acropalypse (CVE-2023-21036) https://lordofpipes.github.io/acropadetect/ (github-poc)
CVE-2023-21036 detection in Go (github-poc)
Detection and sanitization for Acropalypse Now - CVE-2023-21036 (github-poc)
Discord bot for mitigating the aCropalypse vulnerability (CVE-2023-21036, CVE-2023-28303) by retroactively deleting vulnerable images (github-poc)
https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-0633.json (circl)
https://source.android.com/docs/security/bulletin/pixel/2023-03-01 (circl)

…and 4 more exploits

Timeline

Mar 13, 2023 CVE Published

References

Open in Interactive Console →

$ Console Community · 100/wk Open console ›