CVE-2023-20924
CVE-2023-20924
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.8EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
24 Jan 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240428519References: N/A
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · Android