CVE-2023-21442

Summary

Improper access control vulnerability in Runestone application prior to version 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12) allows local attackers to get device location information.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileRunestoneunspecified < 2.9.09.003 in Android R(11) and 3.2.01.007 in Android S(12)affected

Weaknesses

  • CWE-284: CWE-284 Improper Access Control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References