Login Sign Up

CVE-2023-21353

7.5 HIGH

📋 TL;DR

CVE-2023-21353 is an out-of-bounds read vulnerability in Android's NFC stack (NFA) that allows remote attackers to read memory contents without authentication or user interaction. This could lead to information disclosure of sensitive data. All Android devices with vulnerable NFC implementations are affected.

💻 Affected Systems

Products:
  • Android devices with NFC capability
Versions: Android versions prior to Android 14
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices with NFC hardware and enabled NFC functionality. Devices without NFC hardware are not vulnerable.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker could read sensitive memory contents including authentication tokens, encryption keys, or other protected data from the device without any user interaction.

🟠

Likely Case

Information disclosure of limited memory regions, potentially exposing device identifiers, temporary data, or application information.

🟢

If Mitigated

With proper network segmentation and NFC disabled, impact is minimal as exploitation requires NFC communication capability.

🌐 Internet-Facing: LOW - Exploitation requires proximity via NFC, not internet connectivity.
🏢 Internal Only: MEDIUM - Within physical proximity, attackers could exploit vulnerable devices in corporate environments.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires physical proximity to target device and specialized NFC equipment. No authentication or user interaction needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android 14 (API level 34) and later

Vendor Advisory: https://source.android.com/docs/security/bulletin/android-14

Restart Required: Yes

Instructions:

1. Update device to Android 14 or later. 2. For devices not receiving Android 14 updates, check with device manufacturer for security patches. 3. Apply any available security updates through Settings > System > System update.

🔧 Temporary Workarounds

Disable NFC functionality

android

Turn off NFC to prevent exploitation via this vector

Settings > Connected devices > Connection preferences > NFC > Toggle OFF

🧯 If You Can't Patch

  • Disable NFC functionality on all vulnerable devices
  • Implement physical security controls to prevent unauthorized NFC device proximity

🔍 How to Verify

Check if Vulnerable:

Check Android version: Settings > About phone > Android version. If version is below Android 14, device is potentially vulnerable if it has NFC hardware.

Check Version:

adb shell getprop ro.build.version.release

Verify Fix Applied:

Verify Android version is 14 or higher: Settings > About phone > Android version should show 14 or higher.

📡 Detection & Monitoring

Log Indicators:

  • Unusual NFC activity logs
  • NFC stack crash logs
  • System logs showing NFC service errors

Network Indicators:

  • N/A - This is a local NFC vulnerability, not network-based

SIEM Query:

N/A - Physical proximity attack not detectable via network monitoring

📊 Metadata

CVE ID: CVE-2023-21353
CVSS v3 Score: 7.5 (HIGH)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE: CWE-125
Published: October 30, 2023
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-21353, you might also want to check these:

CVE-2021-41556 10.0

CVE-2021-41556 is a critical out-of-bounds read vulnerability in Squirrel scripting language that al...

Same vulnerability type (CWE-125)
CVE-2024-22004 10.0

This vulnerability allows attackers with privileged access on Linux non-secure operating systems to ...

Same vulnerability type (CWE-125)
CVE-2021-21777 10.0

CVE-2021-21777 is a critical out-of-bounds read vulnerability in the Ethernet/IP UDP handler of OpEN...

Same vulnerability type (CWE-125)