Oct. 30, 2023, 6:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

In Content Resolver, there is a possible method to access metadata about existing content providers on the device due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

access android check cve device disclosure exploitation information information disclosure local metadata missing permission privileges resolver

Information Security Engineers

@ D. E. Shaw Research | New York City

Associate Detection & Response Analyst

@ Rapid7 | VA Arlington 22203

Cybersecurity Incident Response Team Lead Senior Manager

@ Accenture Federal Services | Arlington, VA

Cyber - Product Security Intern

@ Festo | Islandia, US, 11749

Lead Cyber Security Engineer - Remote

@ HERE Technologies | Czechia

Heathrow Airport Security Officer - SIA License

@ Optime Group | Hounslow, England, United Kingdom