CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-21284

In multiple functions of DevicePolicyManager.java, there is a possible way to prevent enabling the Find my Device feature due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 4.0%

CVSS Severity

CVSS v3 Score 5.5

References

https://android.googlesource.com/platform/frameworks/base/+/ed3f25b7222d4cff471f2b7d22d1150348146957
https://source.android.com/security/bulletin/2023-08-01
https://android.googlesource.com/platform/frameworks/base/+/ed3f25b7222d4cff471f2b7d22d1150348146957
https://source.android.com/security/bulletin/2023-08-01

Products affected by CVE-2023-21284

Google » Android » Version: 11.0

cpe:2.3:o:google:android:11.0
Google » Android » Version: 12.0

cpe:2.3:o:google:android:12.0
Google » Android » Version: 12.1

cpe:2.3:o:google:android:12.1
Google » Android » Version: 13.0

cpe:2.3:o:google:android:13.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-21284

Products

Pricing

Contact Us