{"vulnerability": "CVE-2023-48418", "sightings": [{"uuid": "01bee9f4-1c4e-452a-b0d1-8da84c902173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48418", "type": "seen", "source": "https://t.me/ctinow/171844", "content": "https://ift.tt/EC29oJM\nCVE-2023-48418 | Google Pixel Watch 11 DeviceVersionFragment.java checkDebuggingDisallowed privileges management (Bulletin 176446)", "creation_timestamp": "2024-01-23T10:56:17.000000Z"}, {"uuid": "2f8f917a-1b17-4c51-803f-10e3fd859eea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48418", "type": "seen", "source": "https://t.me/cibsecurity/74216", "content": "\u203c\ufe0fCVE-2023-48418\u203c\ufe0f\n\n\u00a0In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a \u00a0 \u00a0 possible way to access adb before SUW completion due to an insecure default \u00a0 \u00a0 value. This could lead to local escalation of privilege with no additional \u00a0 \u00a0 execution privileges needed. User interaction is not needed for \u00a0 \u00a0 exploitation \n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-03T01:38:32.000000Z"}, {"uuid": "eb834ec0-2928-4f00-be82-674bd3922651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48418", "type": "seen", "source": "https://t.me/ctinow/162112", "content": "https://ift.tt/FqJLIUO\nCVE-2023-48418", "creation_timestamp": "2024-01-03T00:26:49.000000Z"}, {"uuid": "a9293cca-271d-46c3-9a7f-40e509366700", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48418", "type": "published-proof-of-concept", "source": "https://t.me/androidMalware/2118", "content": "Android DeviceVersionFragment.java Privilege Escalation Exploit for Pixel Watch (CVE-2023-48418)\nhttps://0day.today/exploit/description/39237", "creation_timestamp": "2024-01-17T11:45:18.000000Z"}]}