CRITICAL🇵🇱 Wersja polska

CVE-2023-48418

CVSS 10.0v3.1pub. 2024-01-02upd. 2025-02-13

In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a     possible way to access adb before SUW completion due to an insecure default     value. This could lead to local escalation of privilege with no additional     execution privileges needed. User interaction is not needed for     exploitation

🤖 AI Analysis
How it works

The vulnerability lies in an incorrect default value for access control in the checkDebuggingDisallowed function, which is responsible for verifying whether ADB debugging should be blocked during the device setup phase (Setup Wizard, SUW). Since the default value is set in an insecure manner, an attacker can gain access to the ADB shell before the device is properly configured and secured. Exploitation does not require any additional privileges or user interaction.

Impact

An attacker with physical or local access to the device can gain elevated privileges through the ADB interface, which in turn allows them to take control of the device before the setup process is completed.

Mitigation & patch

Security patches available from the manufacturer should be applied according to the references — Google Pixel Watch security bulletin dated 2023-12-01 (https://source.android.com/docs/security/bulletin/pixel-watch/2023/2023-12-01).

Who is affected

Google Pixel Watch and Google Pixel Watch firmware (Pixel Watch Firmware); specific versions indicated in the manufacturer's security bulletin from December 2023.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Google Pixel Watch

    HW
    Google
    11
  • Google Pixel Watch Firmware

    OS
    Google
    wszystkie wersje
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2025-10585CRITICAL9.8⚠ KEVPL ✓ten sam vendor

Type confusion w V8 (Google Chrome) — zdalne uszkodzenie sterty

CVE-2024-7971CRITICAL9.6⚠ KEVPL ✓ten sam vendor

Type confusion w V8 (Google Chrome/Edge) umożliwiający heap corruption

CVE-2024-5274CRITICAL9.6⚠ KEVPL ✓ten sam vendor

Type Confusion w V8 (Google Chrome) — RCE przez spreparowaną stronę HTML

CVE-2024-4947CRITICAL9.6⚠ KEVPL ✓ten sam vendor

Type Confusion w silniku V8 Chrome — zdalne wykonanie kodu (RCE)

CVE-2024-4671CRITICAL9.6⚠ KEVPL ✓ten sam vendor

Use-after-free w Google Chrome Visuals umożliwiający ucieczkę z sandbox