March 11, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – ICS: Schneider Electric Easy UPS Online Monitoring Software Vulnerability
December 13, 2023Rewterz Threat Alert – APT37 Aka ScarCruft or RedEyes – Active IOCs
December 13, 2023Rewterz Threat Advisory – ICS: Schneider Electric Easy UPS Online Monitoring Software Vulnerability
December 13, 2023Rewterz Threat Alert – APT37 Aka ScarCruft or RedEyes – Active IOCs
December 13, 2023
Severity
High
Analysis Summary
CVE-2023-40081 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by a confused deputy in loadMediaDataInBgForResumption of MediaDataManager.kt. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information and use this information to launch further attacks against the affected system.
CVE-2023-40088 CVSS:8.8
Google Android could allow a remote attacker within the local network to execute arbitrary code on the system, caused by a use-after-free in callback_thread_event in the com_android_bluetooth_btservice_AdapterService.cpp script. By executing a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-40089 CVSS:8.4
Google Android Framework could allow a local attacker to gain elevated privileges on the system, caused by missing permissions checks in getCredentialManagerPolicy in the DevicePolicyManagerService.java script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-40090 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by side-channel information disclosure in BTM_BleVerifySignature in the btm_ble.cc script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-40091 CVSS:8.4
Google Android Framework could allow a local attacker to gain elevated privileges on the system, caused by memory corruption in onTransact in the IncidentService.cpp script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-40094 CVSS:8.4
Google Android Framework could allow a local attacker to gain elevated privileges on the system, caused by missing permissions checks in keyguardGoingAway in the ActivityTaskManagerService.java script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-40095 CVSS:8.4
Google Android Framework could allow a local attacker to gain elevated privileges on the system, caused by missing checks in createDontSendToRestrictedAppsBundle in the PendingIntentUtils.java script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-40096 CVSS:7.8
Google Android Framework could allow a local authenticated attacker to gain elevated privileges on the system, caused by a missing flag in OpRecordAudioMonitor::onFirstRef in the AudioRecordClient.cpp script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-40097 CVSS:7.8
Google Android could allow a local attacker to gain elevated privileges on the system, caused by improper input validation in hasPermissionForActivity in the PackageManagerHelper.java script. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
CVE-2023-40103 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by a double-free. By sending a specially crafted request, an attacker could exploit this vulnerability to gain elevated privileges on the system.
Impact
- Privileges Escalation
- Information Disclosure
- Code Execution
Indicators Of Compromise
CVE
- CVE-2023-40081
- CVE-2023-40088
- CVE-2023-40089
- CVE-2023-40090
- CVE-2023-40091
- CVE-2023-40094
- CVE-2023-40095
- CVE-2023-40096
- CVE-2023-40097
- CVE-2023-40103
Affected Vendors
Affected Products
- Google Android 12
- Google Android 11
- Google Android 12L
- Google Android 13
- Google Android 14
Remediation
Refer to the Android Open Source Project for patch, upgrade or suggested workaround information.