3 matches found
CVE-2023-20959
In AddSupervisedUserActivity, guest users are not prevented from starting the activity due to missing permissions checks. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-20959
In AddSupervisedUserActivity, guest users are not prevented from starting the activity due to missing permissions checks. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2023-20959
CVE-2023-20959 affects Android 13, where AddSupervisedUserActivity allows guest users to start the activity due to missing permission checks. Root cause: inadequate access control in AddSupervisedUserActivity. Impact: local elevation of privilege with no additional execution privileges required; ...