Google: >> Android >> 13.0 Security Vulnerabilities
In toUriInner of Intent.java, there is a possible way to launch an arbitrary activity due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261858325
CVSS Score
7.8
EPSS Score
0.001
Published
2023-04-19
In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260567867
CVSS Score
7.8
EPSS Score
0.0
Published
2023-04-19
In multiple methods of PackageInstallerSession.java, there is a possible way to start foreground services from the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-243377226
CVSS Score
7.8
EPSS Score
0.0
Published
2023-04-19
In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-243130512
CVSS Score
5.5
EPSS Score
0.001
Published
2023-04-19
In deserialize of multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256589724
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-19
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-11
In media service, there is a missing permission check. This could lead to local denial of service in media service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-11
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-11