Vulnerability Description
The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read.
CVSS Score
5.5
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| St | St54-Android-Packages-Apps-Nfc | < 130-20230215-23w07p0 |
Related Weaknesses (CWE)
References
- https://github.com/STMicroelectronics/ST54-android-packages-apps-Nfc/releases/taRelease Notes
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-andrExploitPress/Media Coverage
- https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-007_Xiaomi_RExploitThird Party Advisory
- https://github.com/STMicroelectronics/ST54-android-packages-apps-Nfc/releases/taRelease Notes
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-andrExploitPress/Media Coverage
- https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-007_Xiaomi_RExploitThird Party Advisory
FAQ
What is CVE-2023-36629?
CVE-2023-36629 is a vulnerability with a CVSS score of 5.5 (MEDIUM). The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read.
How severe is CVE-2023-36629?
CVE-2023-36629 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-36629?
Check the references section above for vendor advisories and patch information. Affected products include: St St54-Android-Packages-Apps-Nfc.