VDB

CISA-2023-21249

CISA-2023-21249 PUBLISHED

Reported by google_android · Published July 12, 2023

In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Affected Products

VendorProductVersions
GoogleAndroid13
GoogleAndroid13, 13

Timeline

  • Jul 12, 2023 CVE Published
  • Nov 6, 2024 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›