Lucene search
PRIOn knowledge basePRION:CVE-2023-21091HistoryApr 19, 2023 - 8:15 p.m.
Design/Logic Flaw
2023-04-1920:15:00
PRIOn knowledge base
www.prio-n.com
5
security flaw
logic flaw
android-13
denial of service
missing permission check
0.0004 Low
EPSS
Percentile
5.1%
In canDisplayLocalUi of AppLocalePickerActivity.java, there is a possible way to change system app locales due to a missing permission check. This could lead to local denial of service across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257954050
Related
nvd
nvd
CVE-2023-21091
2023-04-19 20:15:11
cve
cve
CVE-2023-21091
2023-04-19 20:15:11
cnvd
cnvd
Google Android Denial of Service Vulnerability (CNVD-2023-55364)
2023-04-23 00:00:00
cvelist
cvelist
CVE-2023-21091
2023-04-19 00:00:00
osv
osv
Modifying other users' app locales using AppLocalePickerActivity in Settings
2023-04-01 00:00:00