Vulnerability Details CVE-2023-20963
In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519
Exploit prediction scoring system (EPSS) score
EPSS Score 0.037
EPSS Ranking 87.5%
CVSS Severity
CVSS v3 Score 7.8
Proposed Action
Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.
Ransomware Campaign
Unknown
References