← voltar
CVE-2023-21131

CVE-2023-21131

EPSS 0.1%CWE-639
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS EPSS 0.1%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
15 jun 2023Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In checkKeyIntentParceledCorrectly() of ActivityManagerService.java, there is a possible bypass of Parcel Mismatch mitigations due to a logic error in the code. This could lead to local escalation of privilege and the ability to launch arbitrary activities in settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-265015796
Produtos afetados
n/a · Android