CVE-2023-20965

In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS v3.0 9.8 CRITICAL

9.8^/10

CVSS v3.0 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://android.googlesource.com/platform/packages/modules/Wifi/+/0d3cb609b0851ea9e5745cc6101e57c2e5e739f2	Patch
https://android.googlesource.com/platform/packages/modules/Wifi/+/88a8a98934215f591605028e200b6eca8f7cc45a	Patch
https://android.googlesource.com/platform/packages/modules/Wifi/+/bd318b9772759546509f6fdb8648366099dd65ad	Patch
https://source.android.com/security/bulletin/2023-08-01	Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*

Information

Published : 2023-08-14 21:15

Updated : 2023-08-24 15:09

NVD link : CVE-2023-20965

Mitre link : CVE-2023-20965

JSON object : View

Products Affected

google

android

CWE

CWE-522

Insufficiently Protected Credentials

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/0d3cb609b0851ea9e5745cc6101e57c2e5e739f2", "name": "https://android.googlesource.com/platform/packages/modules/Wifi/+/0d3cb609b0851ea9e5745cc6101e57c2e5e739f2", "tags": ["Patch"], "refsource": "MISC"}, {"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/88a8a98934215f591605028e200b6eca8f7cc45a", "name": "https://android.googlesource.com/platform/packages/modules/Wifi/+/88a8a98934215f591605028e200b6eca8f7cc45a", "tags": ["Patch"], "refsource": "MISC"}, {"url": "https://android.googlesource.com/platform/packages/modules/Wifi/+/bd318b9772759546509f6fdb8648366099dd65ad", "name": "https://android.googlesource.com/platform/packages/modules/Wifi/+/bd318b9772759546509f6fdb8648366099dd65ad", "tags": ["Patch"], "refsource": "MISC"}, {"url": "https://source.android.com/security/bulletin/2023-08-01", "name": "https://source.android.com/security/bulletin/2023-08-01", "tags": ["Patch", "Vendor Advisory"], "refsource": "MISC"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "In processMessageImpl of ClientModeImpl.java, there is a possible credential disclosure in the TOFU flow due to a logic error in the code. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\n"}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "CWE-522"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2023-20965", "ASSIGNER": "security@android.com"}}, "impact": {"baseMetricV3": {"cvssV3": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}}, "publishedDate": "2023-08-14T21:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:google:android:13.0:-:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2023-08-24T15:09Z"}