VDB

ASB-A-300090204

ASB-A-300090204 PUBLISHED

In convertToComponentName of DreamService.java, there is a possible way to launch arbitrary protected activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Affected Products

VendorProductVersions
platformframeworks/base14-next:0, 12:0, 12

Exploit Intelligence

Timeline

  • Jan 1, 2024 CVE Published
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›