top of page
  • Clipeus

Android Critical Zero-Click Vulnerability

On 4 December 2023, Google addressed 85 vulnerabilities affecting Android, which included a critical zero-click remote code execution vulnerability (CVE-2023-40088).

As of the reporting time, there is no official CVSS score in the United States National Vulnerability Database (NVD). However, based on the assessment provided in the Android Security Bulletin issued on 4 December 2023, the vulnerability appears to be critical, given its potential for remote exploitation without any user interaction.

There are currently no reports of exploitation in the wild. Nevertheless, the threat landscape concerning this vulnerability is fluid and may evolve rapidly, particularly because many vendors are still in the process of testing patches, and fixes have not been universally implemented.


Commenting has been turned off.

If you are interested in specifics or additional insights on the threats above or any other threat, please visit our dedicated service page or reach out to with your inquiry. We would be glad to assist you

bottom of page