VDB
CISA-2023-21257
CISA-2023-21257
PUBLISHED
Reported by google_android · Published July 12, 2023
In updateSettingsInternalLI of InstallPackageHelper.java, there is a possible way to sideload an app in the work profile due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | 13 | |
| Android | 13, 13 |
Timeline
- Jul 12, 2023 CVE Published
- Nov 6, 2024 CVE Updated