CERT-FR Advisory: Multiple Vulnerabilities in Google Android

The Computer Emergency Response Team of France (CERT-FR) has issued an advisory regarding multiple vulnerabilities identified in Google Android.

Document Management

  • Reference: CERTFR-2023-AVI-0811
  • Title: Multiple Vulnerabilities in Google Android
  • First Version Date: October 6, 2023
  • Last Version Date: October 6, 2023
  • Sources: Android Security Bulletin of October 2, 2023; Pixel Security Bulletin of October 4, 2023
  • Attachments: None


  • Not specified by the publisher
  • Remote Arbitrary Code Execution
  • Remote Denial of Service
  • Breach of Data Confidentiality
  • Privilege Escalation

Affected Systems

  • Google Android versions 11, 12, 12L, 13 without the security patch of October 6, 2023
  • Google Pixel without the security patch of October 5, 2023

Summary Multiple vulnerabilities have been discovered in Google Android. Some of these vulnerabilities allow an attacker to trigger remote arbitrary code execution, remote denial of service, and a breach of data confidentiality.

The publisher indicates that vulnerabilities CVE-2023-4863 and CVE-2023-4211 are being exploited.

Solution Refer to the publisher’s security bulletin for obtaining patches (see Documentation section).


  1. Android Security Bulletin – October 2, 2023
  2. Pixel Security Bulletin – October 4, 2023

References (CVE)

CERT-FR advises immediate attention to these vulnerabilities and recommends applying the necessary security patches provided by the Android security bulletins.