← Volver a CVEs
CVE-2023-21103
MEDIUM5.5
Descripcion
In registerPhoneAccount of PhoneAccountRegistrar.java, uncaught exceptions in parsing persisted user data could lead to local persistent denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-259064622
Detalles CVE
Puntuacion CVSS v3.15.5
SeveridadMEDIUM
Vector CVSSCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueLOCAL
ComplejidadLOW
Privilegios requeridosLOW
Interaccion usuarioNONE
Publicado5/15/2023
Ultima modificacion1/24/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
google:android
Debilidades (CWE)
CWE-209
Referencias
https://source.android.com/security/bulletin/2023-05-01(security@android.com)
https://source.android.com/security/bulletin/2023-05-01(af854a3a-2127-422b-91ae-364da2661108)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.