Описание
In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to disable the active VPN app from the lockscreen due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Ссылки
- https://android.googlesource.com/platform/frameworks/base/+/207584fb6f820eba14251251d7e9331bfd57adb8Mailing ListPatch
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*
EPSS
Процентиль: 21%
0.00068
Низкий
7.8 High
CVSS3
7.7 High
CVSS3
Дефекты
CWE-1188
CWE-1188
Связанные уязвимости
CVSS3: 7.7
github
больше 1 года назад
In onForegroundServiceButtonClicked of FooterActionsViewModel.kt, there is a possible way to disable the active VPN app from the lockscreen due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS
Процентиль: 21%
0.00068
Низкий
7.8 High
CVSS3
7.7 High
CVSS3
Дефекты
CWE-1188
CWE-1188