Описание
In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Ссылки
- https://android.googlesource.com/platform/frameworks/base/+/032bee6dc118ce1cc3fde92463b2954c1450f2e8Mailing ListPatch
- PatchVendor Advisory
- https://android.googlesource.com/platform/frameworks/base/+/032bee6dc118ce1cc3fde92463b2954c1450f2e8Mailing ListPatch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
EPSS
Процентиль: 17%
0.00056
Низкий
7.8 High
CVSS3
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-20
Связанные уязвимости
CVSS3: 9.8
github
больше 1 года назад
In multiple locations, there is a possible failure to persist or enforce user restrictions due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
EPSS
Процентиль: 17%
0.00056
Низкий
7.8 High
CVSS3
9.8 Critical
CVSS3
Дефекты
NVD-CWE-noinfo
CWE-20