exploitDog

CVE-2023-21343

Опубликовано: 30 окт. 2023

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Ссылки

https://source.android.com/docs/security/bulletin/android-14
Release Notes
Vendor Advisory
https://source.android.com/docs/security/bulletin/android-14
Release Notes
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Версия до 14.0 (исключая)

EPSS

Процентиль: 12%

0.00039

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-269

Связанные уязвимости

GHSA-hqwr-xv28-whqf

CVSS3: 7.8

github

больше 2 лет назад

In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

EPSS

Процентиль: 12%

0.00039

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-269