CISA Known Exploited Vulnerability
This vulnerability is actively exploited in the wild and listed in the CISA Known Exploited Vulnerabilities catalog.
Remediation Deadline: Sep 29, 2022
Description
The vold volume manager daemon in Android kernel trusts messages from a PF_NETLINK socket, which allows an attacker to execute code and gain root privileges. This vulnerability is associated with GingerBreak and Exploit.AndroidOS.Lotoor.
EPSS — Exploit Probability
34.4%
Higher than 96.9% of all CVEs
Required Action
https://android.googlesource.com/platform/system/vold/+/c51920c82463b240e2be0430849837d6fdc5352e; https://nvd.nist.gov/vuln/detail/CVE-2011-1823
Risk Assessment
ELEVATED (In CISA KEV)
Details
- Severity: High
- EPSS: 34.4%
- CISA KEV: Yes
- Ransomware: Unknown
- Articles: 0
Timeline
Published: Sep 8, 2022
Added to KEV: Sep 8, 2022
Remediation Due: Sep 29, 2022