CVE-2023-20951

Name of the Vulnerable Software and Affected Versions Android versions Android-11 through Android-13

Description The issue is caused by a missing bounds check in the gatt process prep write rsp function of gatt cl.cc, which could lead to a possible out of bounds write. This may result in remote code execution with no additional execution privileges needed. User interaction is not required for exploitation. The vulnerability exists due to insufficient input validation in the System component of the Android operating system, allowing a remote attacker to execute arbitrary code.

Recommendations For Android versions Android-11 through Android-13, at the moment, there is no information about a newer version that contains a fix for this vulnerability.