Bluetooth Permissions Bypass Vulnerability in Android Devices

Bluetooth Permissions Bypass Vulnerability in Android Devices

CVE-2023-21307 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term identifier for an Android device due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.

Learn more about our Cis Benchmark Audit For Google Android.