Advertisement
Top
image credit: Unsplash

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

April 14, 2023

Via: The Hacker News
Category:

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

The two flaws are listed below –

CVE-2023-20963 (CVSS score: 7.8) – Android Framework Privilege Escalation Vulnerability
CVE-2023-29492 (CVSS score: TBD) – Novi Survey Insecure Deserialization Vulnerability

“Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed,” CISA said in an advisory for CVE-2023-20963.

Read More on The Hacker News

RELATED PUBLICATIONS

The importance of the Vulnerability Operations Centre for cybersecurity
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Are passwordless systems the future of authentication?

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
FIN7 targeted a large U.S. carmaker with phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!