CVE-2023-41960

Summary

The vulnerability allows an unprivileged(untrusted) third-party application to interact with a content-provider unsafely exposed by the Android Agent application, potentially modifying sensitive settings of the Android Client application itself.

Affected Software

VendorProductVersion RangeStatus
RexrothctrlX HMI Web Panel - WR21 (WR2107)allaffected
RexrothctrlX HMI Web Panel - WR21 (WR2110)allaffected
RexrothctrlX HMI Web Panel - WR21 (WR2115)allaffected

Weaknesses

  • CWE-926: CWE-926 Improper Export of Android Application Components

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References