CVE-2023-40123

In updateActionViews of PipMenuView.java, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Security feature bypass

In updateActionViews of PipMenuView.java, there is a possible bypass of a multi user security boundary due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-40123

CVE-2023-40123 affects the PipMenuView.java component in the Android framework, with a bug in updateActionViews that allows a confused deputy to bypass a multi-user security boundary, causing local information disclosure without extra execution privileges. Exploitation requires no user interactio...

PT-2023-27278 · Google · Android

Name of the Vulnerable Software and Affected Versions: PipMenuView.java affected versions not specified Description: The issue is related to a possible bypass of a multi-user security boundary due to a confused deputy in the updateActionViews of PipMenuView.java. This could lead to local...