CVE-2023-21252

Published: Oct 6, 2023

Modified: Sep 19, 2024

PUBLISHED

Description

In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.

Vendor	Product	Versions
Google	Android	affected `13` affected `12L` affected `12` affected `11`

References

https://android.googlesource.com/platform/packages/modules/Wifi/+/044ab0684153c4effb9f4fda47df43ccdc77bda8

https://android.googlesource.com/platform/packages/modules/Wifi/+/50b08ee30e04d185e5ae97a5f717d436fd5a90f3

https://source.android.com/security/bulletin/2023-10-01

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-21252

Description

Affected Products

References