CVE-2023-35692 (android) | allinfosecnews.com

July 14, 2023, 4:15 p.m. |

National Vulnerability Database web.nvd.nist.gov

In getLocationCache of GeoLocation.java, there is a possible way to send a mock location during an emergency call due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

android call cve emergency escalation exploitation geolocation input input validation java local location privilege privileges send validation

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Financial Crimes Compliance - Senior - Consulting - Location Open

@ EY | New York City, US, 10001-8604

View on infosec-jobs.com

Software Engineer - Cloud Security

@ Neo4j | Malmö

View on infosec-jobs.com

Security Consultant

@ LRQA | Singapore, Singapore, SG, 119963

View on infosec-jobs.com

Identity Governance Consultant

@ Allianz | Sydney, NSW, AU, 2000

View on infosec-jobs.com

Educator, Cybersecurity

@ Brain Station | Toronto

View on infosec-jobs.com

Principal Security Engineer

@ Hippocratic AI | Palo Alto

View on infosec-jobs.com