4.4
CVSSv3

CVE-2023-20983

Published: 24/03/2023 Updated: 21/11/2024

Vulnerability Summary

In btm_ble_rand_enc_complete of btm_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-260569449

Vulnerable Product Search on Vulmon Subscribe to Product

google android 13.0

Github Repositories

pinduoduo backdoor

拼多多app中提权和获取数据操作的复现DEMO,含源码和演示视频 本项目结合前人的脱壳及分析经验,利用从拼多多app中提取的恶意代码,现实获取用户手机中登录的微博账号功能。演示了拼多多app如何利用漏洞攻击用户手机,取得高权限,从而获取用户数据等操作。 致敬对抗网络黑恶势