CVE-2023-20929

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2023-20929

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-20929.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-20929

Aliases

A-234442700
ASB-A-234442700

Published

2023-03-24T20:15:09.303Z

Modified

2026-03-14T12:01:26.474662Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator

Summary

[none]

Details

In sendHalfSheetCancelBroadcast of HalfSheetActivity.java, there is a possible way to learn nearby BT MAC addresses due to an unrestricted broadcast intent. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-234442700

References

https://source.android.com/security/bulletin/2023-03-01

Affected packages

Git /

Affected ranges

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-20929.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "13.0"
            }
        ]
    }
]