119 matches found
CVE-2023-21458
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...
Privilege escalation
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...
CVE-2023-21458
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...
CVE-2023-21458
CVE-2023-21458 involves an improper privilege management in Samsung System UI’s PhoneStatusBarPolicy. This vulnerability affects System UI versions prior to SMR Mar-2023 Release 1, where an attacker could turn off Do Not Disturb via an unprotected intent. The issue is base on local access with lo...
PT-2023-18226 · Systemui · Systemui
Name of the Vulnerable Software and Affected Versions: System UI versions prior to SMR Mar-2023 Release 1 Description: The issue is related to improper privilege management in PhoneStatusBarPolicy, allowing an attacker to turn off 'Do not disturb' via an unprotected intent. Recommendations: For...
CVE-2023-21458
Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...
SAMSUNG Mobile Devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile Devices PhoneStatusBarPolicy in System UI SMR Mar-2023 Release 1 version, which stems from a...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2022 Release 1 version, which stems from a custom privilege abuse vulnerability...
PT-2022-23665 · Systemui · Systemui
Name of the Vulnerable Software and Affected Versions: SystemUI versions prior to SMR Sep-2022 Release 1 Description: The issue concerns a custom permission misuse vulnerability. This vulnerability allows an attacker to use some protected functions with SystemUI privilege. Recommendations: For...
PT-2022-14542 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android version Android-13 Description: In SystemUI, a logic error in the code could lead to the unexpected enabling of the external speaker. This issue may result in local information disclosure without requiring additional execution...
CVE-2022-33731
Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components...
CVE-2022-34738
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...
ASB-A-193445603
In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2021-0932
In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. This could lead to local escalation of privilege that allows actions performed as the System UI with User execution privileges needed. User interaction is not needed for...
ASB-A-173025705
In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. This could lead to local escalation of privilege that allows actions performed as the System UI with User execution privileges needed. User interaction is not needed for...
CVE-2021-25473
Assuming a shell privilege is gained, an improper exception handling for multisimbarhidebymeadiafull value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...
CVE-2021-0551
In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
PUB-A-180518039
In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation...
CVE-2020-0415
In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...
Google Android Code Issues Vulnerabilities
Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A security vulnerability exists in Android version 11. The vulnerability stems from an uncaught exception in the System UI that causes the system to crash. An attacker can use this vulnerability ...