Unrated severityNVD Advisory· Published Dec 4, 2023· Updated Aug 2, 2024
CVE-2023-45779
CVE-2023-45779
Description
In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the referenced links.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- github.com/metaredteam/external-disclosures/security/advisories/GHSA-wmcc-g67r-9962mitre
- rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys.htmlmitre
- source.android.com/security/bulletin/2023-12-01mitre
- www.fairphone.com/en/2024/01/30/security-update-apex-modules-vulnerability-fixed/mitre
News mentions
0No linked articles in our index yet.