3 matches found
CVE-2023-21192
In setInputMethodWithSubtypeIdLocked of InputMethodManagerService.java, there is a possible way to setup input methods that are not enabled due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not...
CVE-2023-21192
creationtimestamp| type| source ---|---|--- 2023-06-28 22:19:29+00:00| seen| https://t.me/cibsecurity/65671...
CVE-2023-21192
CVE-2023-21192 affects Android 13 and is tied to InputMethodManagerService.setInputMethodWithSubtypeIdLocked, where improper input validation can allow configuring input methods that are not enabled, leading to local elevation of privilege without extra user interaction. The vulnerability descrip...