CVE-2023-20951

9.8 CRITICAL

📋 TL;DR

This critical vulnerability in Android's Bluetooth GATT implementation allows remote attackers to execute arbitrary code without user interaction. It affects Android 11 through 13 devices with Bluetooth enabled, potentially compromising device security and user data.

💻 Affected Systems

Products:
  • Android
Versions: Android 11, 12, 12L, 13
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Requires Bluetooth to be enabled and the device to be within range of the attacker (typically ~10 meters)

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full device compromise with remote code execution leading to data theft, surveillance, or device takeover

🟠 Likely Case

Remote code execution allowing installation of malware, data exfiltration, or device control

🟢 If Mitigated

Limited impact if Bluetooth is disabled or devices are patched, though still serious if exploited

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires proximity to target device and knowledge of Bluetooth protocol manipulation

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Bulletin March 2023 patches

Vendor Advisory: https://source.android.com/security/bulletin/2023-03-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > System update.
2. Install March 2023 or later security patch.
3. Restart device after installation.

🔧 Temporary Workarounds

Disable Bluetooth

android

Turn off Bluetooth when not in use to prevent exploitation

Settings > Connected devices > Connection preferences > Bluetooth > Toggle off

Restrict Bluetooth visibility

android

Set Bluetooth to non-discoverable mode to reduce attack surface

Settings > Connected devices > Connection preferences > Bluetooth > Device name > Turn off 'Make device discoverable'

🧯 If You Can't Patch

  • Disable Bluetooth completely when not actively using Bluetooth devices
  • Use device only in trusted environments away from potential attackers

🔍 How to Verify

Check if Vulnerable:

Check the Android version in Settings > About phone > Android version. If the version is 11, 12, 12L, or 13 without the March 2023 patches, the device is vulnerable.

Check Version:

Settings > About phone > Android version

Verify Fix Applied:

Check security patch level in Settings > About phone > Android version > Security patch level. Should show 'March 5, 2023' or later.
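
The same check can be scripted for devices attached over adb. This is an added example, not part of the original advisory: it assumes the standard Android properties `ro.build.version.release` and `ro.build.version.security_patch`, and the function names and sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a device for CVE-2023-20951 from two system properties.
# FIXED_PATCH is the level this page names under "Verify Fix Applied" (March 5, 2023).
FIXED_PATCH=20230305

# classify_device RELEASE PATCH_LEVEL -> prints patched | vulnerable | not-listed | unknown
classify_device() {
    release=$1
    patch=$2

    # Affected releases per this page: 11, 12, 12L, 13 (point releases included).
    case $release in
        11|11.*|12|12.*|12L|13|13.*) ;;
        '') echo unknown; return 0 ;;
        *) echo not-listed; return 0 ;;   # release is not in the page's affected list
    esac

    # The patch level property is formatted YYYY-MM-DD; treat anything else as unknown.
    case $patch in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;
    esac

    # Drop the dashes so the date compares as a plain integer.
    if [ "$(printf '%s\n' "$patch" | sed 's/-//g')" -ge "$FIXED_PATCH" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

# check_serial SERIAL: read both properties from one attached device (requires adb).
check_serial() {
    rel=$(adb -s "$1" shell getprop ro.build.version.release | tr -d '\r')
    lvl=$(adb -s "$1" shell getprop ro.build.version.security_patch | tr -d '\r')
    printf '%s\t%s\t%s\t%s\n' "$1" "$rel" "$lvl" "$(classify_device "$rel" "$lvl")"
}

# Constructed sample values, so the script runs without a device attached.
for sample in "13 2023-02-05" "13 2023-03-05" "12 2022-11-01" "10 2020-09-01"; do
    set -- $sample
    printf '%s\t%s\t%s\n' "$1" "$2" "$(classify_device "$1" "$2")"
done
```

With devices attached, call `check_serial` once per serial listed by `adb devices`; an `unknown` result means a property was empty or malformed and the device needs a manual check.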

📡 Detection & Monitoring

Log Indicators:

  • Unusual Bluetooth connection attempts
  • GATT protocol errors in Bluetooth logs
  • Process crashes in Bluetooth stack

Network Indicators:

  • Suspicious Bluetooth packet patterns targeting GATT services
  • Multiple failed GATT write attempts

SIEM Query:

Not typically applicable for mobile device Bluetooth attacks
