CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21208
https://notcve.org/view.php?id=CVE-2023-21208
In setCountryCodeInternal of sta_iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262245254 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21179
https://notcve.org/view.php?id=CVE-2023-21179
In parseSecurityParamsFromXml of XmlUtil.java, there is a possible bypass of user specified wifi encryption protocol due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-272755865 • https://source.android.com/security/bulletin/pixel/2023-06-01 •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21194
https://notcve.org/view.php?id=CVE-2023-21194
In gatt_dbg_op_name of gatt_utils.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the Bluetooth server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260079141 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21209
https://notcve.org/view.php?id=CVE-2023-21209
In multiple functions of sta_iface.cpp, there is a possible out of bounds read due to unsafe deserialization. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-262236273 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-502: Deserialization of Untrusted Data •
CVSS: 4.4EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21199
https://notcve.org/view.php?id=CVE-2023-21199
In btu_ble_proc_ltk_req of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-254445961 • https://source.android.com/security/bulletin/pixel/2023-06-01 • CWE-125: Out-of-bounds Read •