CVE identifier(s) | CVE-2023-21036 |
---|---|
Date discovered | January 2, 2023 |
Date patched | January 24, 2023 |
Discoverer | Simon Aarons and David Buchanan |
Affected software | Markup, Snip & Sketch for Windows 10, and Snipping Tool for Windows 11 |
aCropalypse (CVE 2023-21036) was a vulnerability in Markup, a screenshot editing tool introduced in Google Pixel phones with the release of Android Pie. The vulnerability, discovered in 2023 by security researchers Simon Aarons and David Buchanan, allows an attacker to view an uncropped and unaltered version of a screenshot. Following aCropalypse's discovery, a similar zero-day[1] vulnerability was also discovered, affecting Snip & Sketch for Windows 10 and Snipping Tool for Windows 11.