Описание
In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Ссылки
- https://android.googlesource.com/platform/frameworks/base/+/9722ce9d733edab76163fbcd21b231424e3d7061Mailing ListPatch
- https://android.googlesource.com/platform/frameworks/base/+/df49e0e3083b0707e2cca5a5956b49f14ded078eMailing ListPatch
- PatchVendor Advisory
- https://android.googlesource.com/platform/frameworks/base/+/9722ce9d733edab76163fbcd21b231424e3d7061Mailing ListPatch
- https://android.googlesource.com/platform/frameworks/base/+/df49e0e3083b0707e2cca5a5956b49f14ded078eMailing ListPatch
- PatchVendor Advisory
Уязвимые конфигурации
Одно из
EPSS
7.8 High
CVSS3
7.4 High
CVSS3
Дефекты
Связанные уязвимости
In setSkipPrompt of AssociationRequest.java , there is a possible way to establish a companion device association without any confirmation due to CDM. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Уязвимость функции setSkipPrompt() (AssociationRequest.java) операционной системы Android, позволяющая нарушителю повысить свои привилегии
EPSS
7.8 High
CVSS3
7.4 High
CVSS3