Android Pixel Information Disclosure Vulnerability

Description

Android Pixel contains a vulnerability in the Framework component, where the UI may be misleading or insufficient, providing a means to hide a foreground service notification. This could enable a local attacker to disclose sensitive information.

Required Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

References

• https://source.android.com/docs/security/bulletin/pixel/2023-06-01
• https://nvd.nist.gov/vuln/detail/CVE-2023-21237

Additional Information

Catalog Version

2025.01.24

Catalog Released

Jan. 24, 2025

Days Until Due

0 days

Last Updated

6 months ago