CVE-2023-21203

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description In the startWpsPbcInternal function of sta iface.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android version Android-13, consider restricting access to the startWpsPbcInternal function in sta iface.cpp to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.