CVE-2023-20942

In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS v3 5.5 MEDIUM

5.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 1.8 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://android.googlesource.com/platform/frameworks/av/+/770b45c3c1619cf4008b89e7a0f4392bf2224bbc	Patch
https://android.googlesource.com/platform/frameworks/av/+/b072419650958c41c87d2baa572dc2fe6da9ea6b	Patch
https://android.googlesource.com/platform/frameworks/av/+/bae3b00a5873d1562679a1289fd8490178cfe064	Patch
https://source.android.com/security/bulletin/2023-07-01	Patch Vendor Advisory
https://android.googlesource.com/platform/frameworks/av/+/770b45c3c1619cf4008b89e7a0f4392bf2224bbc	Patch
https://android.googlesource.com/platform/frameworks/av/+/b072419650958c41c87d2baa572dc2fe6da9ea6b	Patch
https://android.googlesource.com/platform/frameworks/av/+/bae3b00a5873d1562679a1289fd8490178cfe064	Patch
https://source.android.com/security/bulletin/2023-07-01	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:google:android:12.0:::::::*
	cpe:2.3:o:google:android:12.1:::::::*
	cpe:2.3:o:google:android:13.0:::::::*

History

No history.

Information

Published : 2023-07-13 00:15

Updated : 2024-11-21 07:41

NVD link : CVE-2023-20942

Mitre link : CVE-2023-20942

CVE.ORG link : CVE-2023-20942

JSON object : View

Products Affected

google

android

CWE

NVD-CWE-noinfo CWE-326

Inadequate Encryption Strength

{"id": "CVE-2023-20942", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2023-07-13T00:15:23.363", "references": [{"url": "https://android.googlesource.com/platform/frameworks/av/+/770b45c3c1619cf4008b89e7a0f4392bf2224bbc", "tags": ["Patch"], "source": "security@android.com"}, {"url": "https://android.googlesource.com/platform/frameworks/av/+/b072419650958c41c87d2baa572dc2fe6da9ea6b", "tags": ["Patch"], "source": "security@android.com"}, {"url": "https://android.googlesource.com/platform/frameworks/av/+/bae3b00a5873d1562679a1289fd8490178cfe064", "tags": ["Patch"], "source": "security@android.com"}, {"url": "https://source.android.com/security/bulletin/2023-07-01", "tags": ["Patch", "Vendor Advisory"], "source": "security@android.com"}, {"url": "https://android.googlesource.com/platform/frameworks/av/+/770b45c3c1619cf4008b89e7a0f4392bf2224bbc", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://android.googlesource.com/platform/frameworks/av/+/b072419650958c41c87d2baa572dc2fe6da9ea6b", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://android.googlesource.com/platform/frameworks/av/+/bae3b00a5873d1562679a1289fd8490178cfe064", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://source.android.com/security/bulletin/2023-07-01", "tags": ["Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-326"}]}], "descriptions": [{"lang": "en", "value": "In openMmapStream of AudioFlinger.cpp, there is a possible way to record audio without displaying the microphone privacy indicator due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"}], "lastModified": "2024-11-21T07:41:51.863", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C"}, {"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72"}, {"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469"}], "operator": "OR"}]}], "sourceIdentifier": "security@android.com"}