Question 1

What is CVE-2023-21441 — CVE-2023-21441?

Accepted Answer

Insufficient Verification of Data Authenticity vulnerability in Routine prior to versions 2.6.30.6 in Android Q(10), 3.1.21.10 in Android R(11) and 3.5.2.23 in Android S(12) allows local attacker to access protected files via unused code.

Question 2

What is the authoritative source for CVE-2023-21441?

Accepted Answer

CVE-2023-21441 (CVE-2023-21441) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

CVSS	7.4 ()
Vector	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
EPSS	0.10% probability of exploitation · percentile 1.1% · 2026-06-18T12:00:27Z
Last modified	2026-06-17

CVE-2023-21441CVE-2023-21441

Description

Scoring