PT-2023-28412 · Google · Android
Published
2023-11-07
·
Updated
2023-11-15
·
CVE-2023-42545
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 12.7.20.12 in Android 11
Android versions 13.1.48 and 13.5.28 in Android 12
Android version 14.7.38 in Android 13
Description
The issue allows attackers to access location data due to the use of implicit intent for sensitive communication in the Phone application.
Recommendations
For Android 11, update to version 12.7.20.12 or later.
For Android 12, update to a version later than 13.5.28.
For Android 13, update to a version later than 14.7.38.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Android