In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2023-08-14T20:48:48.811Z
Updated: 2024-08-02T09:21:33.814Z
Reserved: 2022-11-03T22:37:50.595Z
Link: CVE-2023-20965
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-08-14T21:15:10.320
Modified: 2023-08-24T15:09:35.493
Link: CVE-2023-20965
Redhat
No data.