CVE-2023-21001

In onContextItemSelected of NetworkProviderSettings.java, there is a possible way for users to change the Wi-Fi settings of other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede...

CVE-2023-21001

In onContextItemSelected of NetworkProviderSettings.java, there is a possible way for users to change the Wi-Fi settings of other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede...

PT-2022-14768 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: A missing permission check in the launchConfigNewNetworkFragment of NetworkProviderSettings.java allows a guest user to add a new WiFi network. This could lead to local escalation of privilege with no...

CVE-2022-20137

In onCreateContextMenu of NetworkProviderSettings.java, there is a possible way for non-owner users to change WiFi settings due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Produc...

Google Android 权限许可和访问控制问题漏洞

Google Android is a Linux-based open-source operating system from the U.S. company Google Google. Google Android has an elevation of privilege vulnerability that originates in onCreateContextMenu in NetworkProviderSettings.java. Due to a lack of privilege checking, a non-owner user could change...