Vulnerability Name:

CVE-2023-21248

Assigned:2022-11-03
Published:2022-11-03
Updated:2024-06-01
Summary:In getAvailabilityStatus of WifiScanningMainSwitchPreferenceController.java, there is a possible way to bypass a device policy restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS v3 Severity:
CVSS v2 Severity:
References:Source: MITRE
Type: CNA
CVE-2023-21248

BACK