We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2023-21114



Description

In multiple locations, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Reserved 2022-11-03 | Published 2024-07-09 | Updated 2024-08-02 | Assigner google_android

Problem types

Elevation of privilege

Product status

Default status
unaffected

13
affected

References

android.googlesource.com/...f53cf382908cc48f992273742f817dd5

android.googlesource.com/...1758d8b1511f6a359bec316b6d2e22fe

android.googlesource.com/...916716ef974102b3bad7ae102d0164a5

source.android.com/security/bulletin/2024-06-01

cve.org (CVE-2023-21114)

nvd.nist.gov (CVE-2023-21114)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2023-21114

Support options

Helpdesk Chat, Email, Knowledgebase