First published: Mon Sep 04 2023(Updated: )
In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892.
Credit: security@mediatek.com security@mediatek.com
Affected Software | Affected Version | How to fix |
---|---|---|
Google Android | =11.0 | |
Google Android | =12.0 | |
Google Android | ||
Google Android | ||
Mediatek Mt8168 | ||
Mediatek Mt8675 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2023-32805 is a vulnerability in the power component that could lead to local escalation of privilege with System execution privileges needed, requiring user interaction for exploitation.
This vulnerability requires user interaction for exploitation. An attacker could exploit it by taking advantage of a possible out of bounds write due to an insecure default value in the power component.
The severity of CVE-2023-32805 is medium, with a severity value of 6.5.
CVE-2023-32805 affects Google Android versions 11.0 and 12.0.
To patch CVE-2023-32805, you can apply the provided Patch ID: ALPS08102892.