cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-48418,https://securityvulnerability.io/vulnerability/CVE-2023-48418,User Build misconfiguration resulting in local escalation of privilege,"The vulnerability identified within DeviceVersionFragment.java in Pixel Watch allows unauthorized access to Android Debug Bridge (adb) due to an insecure default configuration before the superuser workflow (SUW) is completed. This issue enables a potential local escalation of privileges without necessitating any additional execution rights or user interaction, making the device more susceptible to exploit attempts by malicious actors. This emphasizes the need for timely security updates and proper configuration management to mitigate potential risks.",Google,Pixel Watch,10,CRITICAL,0.0004199999966658652,false,false,false,false,,false,false,2024-01-02T23:15:00.000Z,0
CVE-2023-4164,https://securityvulnerability.io/vulnerability/CVE-2023-4164,There is a possible information disclosure due to a missing permission check in Pixel Watch,"A security vulnerability has been identified in the Android Pixel Watch that allows for potential local information disclosure of sensitive health data due to a missing permission check. This absence of proper enforcement measures means that unauthorized access could occur without the need for additional execution privileges, potentially compromising the privacy of users' health information. It is crucial for users to be aware of this issue and for organizations to implement necessary patches or workarounds to mitigate the risk associated with this vulnerability.",Google,Pixel Watch,8.4,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2024-01-02T22:15:00.000Z,0