CVE-2023-20692Improper Handling of Exceptional Conditions in Google Android

CWE-755Improper Handling of Exceptional Conditions3 documents3 sources
Severity
7.5HIGHNVD
EPSS
1.5%
top 19.15%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google AndroidLinuxfoundation Yocto
Timeline
PublishedJul 4

Description

In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664720; Issue ID: ALPS07664720.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDgoogle/android11.0

🔴Vulnerability Details

2
CVEList
CVE-2023-20692: In wlan firmware, there is possible system crash due to an uncaught exception2023-07-04
GHSA
GHSA-qx5c-44c2-56mq: In wlan firmware, there is possible system crash due to an uncaught exception2023-07-04
CVE-2023-20692 — Google Android vulnerability | cvebase