Vulnerabilities

CVE-2023-40104

by Fred · 15/02/2024

In ca-certificates, there is a possible way to read encrypted TLS data due to untrusted cryptographic certificates. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

Date published : 2024-02-15

https://android.googlesource.com/platform/system/ca-certificates/+/91204b9fdbd77b3f27f94b73868607b2dccbfdad

https://source.android.com/security/bulletin/2023-11-01

Similar

Tags: Cybersecurity Alert