Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 19, 2023
Severity High Analysis Summary A new information-stealing malware called Mystic Stealer emerged in April 2023, gaining popularity in cybercrime circles. It targets various web browsers, browser […]September 19, 2023Rewterz Threat Alert – BlackCat/ALPHV Ransomware Group Allegedly Encrypted Over 100 MGM ESXi Servers
Severity High Analysis Summary An affiliate of the BlackCat ransomware group, also known as APLHV, recently carried out a significant cyberattack on MGM Resorts, leading to […]September 19, 2023Severity High Analysis Summary APT37, also known as ScarCruft or Red Eyes, is a state-sponsored cyber espionage group originating from North Korea. The group has been […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Platform
Managed Security Services
Managed Penetration Testing
Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.
Resources
September 19, 2023Severity High Analysis Summary A new information-stealing malware called Mystic Stealer emerged in April 2023, gaining popularity in cybercrime circles. It targets various web browsers, browser […]September 19, 2023Rewterz Threat Alert – BlackCat/ALPHV Ransomware Group Allegedly Encrypted Over 100 MGM ESXi Servers
Severity High Analysis Summary An affiliate of the BlackCat ransomware group, also known as APLHV, recently carried out a significant cyberattack on MGM Resorts, leading to […]September 19, 2023Severity High Analysis Summary APT37, also known as ScarCruft or Red Eyes, is a state-sponsored cyber espionage group originating from North Korea. The group has been […]Threat Insights
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Connect with Us
Rewterz Threat Advisory – CVE-2023-37988 – WordPress Contact Form Generator Plugin Vulnerability
August 16, 2023Rewterz Threat Advisory – CVE-2023-33013 – Zyxel NBG6604 Devices Vulnerability
August 16, 2023
Severity
Medium
Analysis Summary
CVE-2023-21132 CVSS:6.4
Google Android could allow a physically proximate attacker to gain elevated privileges on the system, caused by a missing permission check in onCreate of ManagePermissionsActivity.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges. Note: device must have been factory reset.
CVE-2023-21133 CVSS:6.4
Google Android could allow a physically proximate attacker to gain elevated privileges on the system, caused by a missing permission check in onCreate of ManagePermissionsActivity.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges. Note: device must have been factory reset.
CVE-2023-21134 CVSS:6.4
Google Android could allow a physically proximate attacker to gain elevated privileges on the system, caused by a missing permission check in onCreate of ManagePermissionsActivity.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges. Note: device must have been factory reset.
CVE-2023-21140 CVSS:6.4
Google Android could allow a physically proximate attacker to gain elevated privileges on the system, caused by a missing permission check in onCreate of ManagePermissionsActivity.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges. Note: device must have been factory reset.
CVE-2023-21229 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by an unsafe PendingIntent in registerServiceLocked of ManagedServices.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-21230 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by a precondition check failure in onAccessPointChanged of AccessPointPreference.java. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21231 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by a missing permission check in getIntentForButton of ButtonManager.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-21269 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by a BAL bypass flaw in startActivityInner of ActivityStarter.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-21271 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by an out of bounds read in parseInputs of ShimPreparedModel.cpp. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21272 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by a bad URI permission grant in readFrom of Uri.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-21273 CVSS:9.8
Google Android could allow a remote attacker to execute arbitrary code on the system, caused by an out of bounds write in SDP_AddAttribute of sdp_db.cc. By executing a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-21274 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by an out of bounds read in convertSubgraphFromHAL of ShimConverter.cpp. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21275 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by a logic error in the code in decideCancelProvisioningDialog of AdminIntegratedFlowPrepareActivity.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-21276 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by the use of uninitialized data in writeToParcel of CursorWindow.cpp. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21277 CVSS:5.5
Google Android could allow a local authenticated attacker to obtain sensitive information, caused by a missing permission check in visitUris of RemoteViews.java. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21278 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by a logic error in the code in multiple locations. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-21279 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by a confused deputy in visitUris of RemoteViews.java. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21282 CVSS:8.8
Google Android could allow a remote attacker to execute arbitrary code on the system, caused by an incorrect bounds check in TRANSPOSER_SETTINGS of lpp_tran.h. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-21283 CVSS:5.5
Google Android could allow a local attacker to obtain sensitive information, caused by a confused deputy in multiple functions of StatusHints.java. By persuading a victim to execute a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21284 CVSS:5.5
Google Android is vulnerable to a denial of service, caused by improper input validation in multiple functions of DevicePolicyManager.java. By executing a specially crafted application, a local authenticated attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-21285 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by a confused deputy in setMetadata of MediaSessionRecord.java. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21286 CVSS:8.4
Google Android could allow a local attacker to gain elevated privileges on the system, caused by a missing permission check in visitUris of RemoteViews.java. By executing a specially crafted application, an attacker could exploit this vulnerability to gain elevated privileges.
CVE-2023-21288 CVSS:5.5
Google Android could allow a local authenticated attacker to obtain sensitive information, caused by a missing permission check in visitUris of Notification.java. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21289 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by a confused deputy in multiple locations. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-21290 CVSS:6.2
Google Android is vulnerable to a denial of service, caused by a race condition in update of MmsProvider.java. By executing a specially crafted application, a local attacker could exploit this vulnerability to cause a denial of service.
CVE-2023-21292 CVSS:6.2
Google Android could allow a local attacker to obtain sensitive information, caused by a confused deputy in openContentUri of ActivityManagerService.java. By executing a specially crafted application, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
- Code Execution
- Privilege Escalation
- Denial of Service
Indicators Of Compromise
CVE
- CVE-2023-21132
- CVE-2023-21133
- CVE-2023-21134
- CVE-2023-21140
- CVE-2023-21229
- CVE-2023-21230
- CVE-2023-21231
- CVE-2023-21269
- CVE-2023-21271
- CVE-2023-21272
- CVE-2023-21273
- CVE-2023-21274
- CVE-2023-21275
- CVE-2023-21276
- CVE-2023-21277
- CVE-2023-21278
- CVE-2023-21279
- CVE-2023-21282
- CVE-2023-21283
- CVE-2023-21284
- CVE-2023-21285
- CVE-2023-21286
- CVE-2023-21288
- CVE-2023-21289
- CVE-2023-21290
- CVE-2023-21292
Affected Vendors
Affected Products
- Google Android.
Remediation
Refer to Android Open Source Project for patch, upgrade or suggested workaround information.