Google fixes critical Android security issues in the March 2023 update

Martin Brinkmann
Mar 7, 2023
Updated • Mar 7, 2023
Google Android

Google published the monthly Android Security Bulletin today. The March 2023 security bulletin provides information on the patched security issues that affect Android devices.

Android devices have security patch levels. The information is found in the Settings, usually under About phone or System Update. Most Android devices display the security patch level as a date, e.g., 1 February 2023. This indicates that the device has all security patches that were released on February 1, 2023 or earlier. Google publishes monthly updates, which manufacturers use to create updates for their devices.

The March 2023 security updates include two critically rated security issues that affect the System component. One of them could "lead to remote code execution with no additional privileges needed" according to Google. In other words: the exploit works without requiring specific user activity on the device.

The two critical vulnerabilities are CVE-2023-20951 and CVE-2023-20954. Additional information about the two vulnerabilities is not yet available. The record database list both CVEs as reserved, but provide no information on them at this point in time.

Google lists the following vulnerabilities in the Android security bulletin for March 2023. Note that some of the vulnerabilities affect only devices that have these components:

  • Framework: 8 different security issues, all with the severity high.
  • System: 18 different vulnerabilities, 2 rated critical, the remaining 16 rated high.
  • Google Play system updates: 5 vulnerabilities.
  • Kernel: one vulnerability listed with a high severity rating.
  • MediaTek components: three listed vulnerabilities, all rated high.
  • Unisoc components: four vulnerabilities, all rated high.
  • Qualcomm components: three vulnerabilities, all rated high.
  • Qualcomm closed source components: 18 different vulnerabilities, 2 rated critical, 16 rated high. The two issues are also remote code execution vulnerabilities.

Android device owners need to wait until the device manufacturer releases a security patch for the device. It may take just a few days for that to happen, or longer. This depends on a number of factors, and varies from manufacturer to manufacturer. Older devices may receive updates after newer devices have received them, depending on the manufacturer's policy in this regard. Google Pixel devices are usually among the first Android devices to receive security updates.

Android users may check the updates option in the Settings of their device to run manual checks for updates. Updates do not get installed automatically on Android, usually, which means that users either have to run manual checks to get the update installed on their device, or wait for the official update notification to appear, to install the security update then on it.

Google fixes critical Android security issues in the March 2023 update
Article Name
Google fixes critical Android security issues in the March 2023 update
Google has published the monthly Android security update today, which fix several critical vulnerabilities.
Ghacks Technology News

Tutorials & Tips

Previous Post: «
Next Post: «


  1. John G. said on March 7, 2023 at 8:14 am

    I wonder when these fixes will arrive to Samsung. Some months ago I wrote to Samsung about a certain security bug inmo that allow an external user to turn off the sound of the phone with no need at all to enter the password to access to configuration. I am still waiting for an answer and after some time I found a way to prevent disabling the sound by other people (e.g. thieves, children and so forth). I also wrote them to ask why a medium-high phone like the A52 5G received updates only each two months while some mobiles of the S-series (with the same price) received monthly updates. I trust Samsung phones however its management with Android security updates and also the misleading sensation of improvement of the One UI, that is getting worse and worse every single upgrade. Thanks for the article by the way.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.