{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-22T13:03:11.260","vulnerabilities":[{"cve":{"id":"CVE-2023-48418","sourceIdentifier":"dsap-vuln-management@google.com","published":"2024-01-02T23:15:11.000","lastModified":"2025-02-13T18:15:40.127","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a\n    possible way to access adb before SUW completion due to an insecure default\n    value. This could lead to local escalation of privilege with no additional\n    execution privileges needed. User interaction is not needed for\n    exploitation"},{"lang":"es","value":"En checkDebuggingDisallowed de DeviceVersionFragment.java, existe una forma posible de acceder a adb antes de que se complete SUW debido a un valor predeterminado inseguro. Esto podría conducir a una escalada local de privilegios sin necesidad de privilegios de ejecución adicionales. La interacción del usuario no es necesaria para la explotación."}],"metrics":{"cvssMetricV31":[{"source":"dsap-vuln-management@google.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":10.0,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":6.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"dsap-vuln-management@google.com","type":"Secondary","description":[{"lang":"en","value":"CWE-269"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:pixel_watch_firmware:-:*:*:*:*:*:*:*","matchCriteriaId":"E04969E8-7B37-48E1-89F9-02ABE00C9F4D"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:google:pixel_watch:11:*:*:*:*:*:*:*","matchCriteriaId":"ACD23DFF-E651-4901-847B-10A14669BEED"}]}]}],"references":[{"url":"http://packetstormsecurity.com/files/176446/Android-DeviceVersionFragment.java-Privilege-Escalation.html","source":"dsap-vuln-management@google.com"},{"url":"https://source.android.com/docs/security/bulletin/pixel-watch/2023/2023-12-01","source":"dsap-vuln-management@google.com","tags":["Vendor Advisory"]},{"url":"http://packetstormsecurity.com/files/176446/Android-DeviceVersionFragment.java-Privilege-Escalation.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://source.android.com/docs/security/bulletin/pixel-watch/2023/2023-12-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}