VDB

CISA-2023-21139

CISA-2023-21139 PUBLISHED

Reported by google_android · Published June 15, 2023

In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271845008

Affected Products

VendorProductVersions
n/aAndroidAndroid-13
n/aAndroidAndroid-13, Android-13

Timeline

  • Jun 15, 2023 CVE Published
  • Dec 17, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›