Lucene search
K

119 matches found

NVD
NVD
added 2023/03/16 9:15 p.m.24 views

CVE-2023-21458

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...

6.2CVSS6.3AI score0.00154EPSS
Exploits0References1
Prion
Prion
added 2023/03/16 9:15 p.m.23 views

Privilege escalation

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...

1.7CVSS4.2AI score0.00154EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/16 12:0 a.m.11 views

CVE-2023-21458

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...

6.2CVSS6.3AI score0.00154EPSS
Exploits0References1
CVE
CVE
added 2023/03/16 12:0 a.m.59 views

CVE-2023-21458

CVE-2023-21458 involves an improper privilege management in Samsung System UI’s PhoneStatusBarPolicy. This vulnerability affects System UI versions prior to SMR Mar-2023 Release 1, where an attacker could turn off Do Not Disturb via an unprotected intent. The issue is base on local access with lo...

6.2CVSS4.1AI score0.00154EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/03/16 12:0 a.m.8 views

PT-2023-18226 · Systemui · Systemui

Name of the Vulnerable Software and Affected Versions: System UI versions prior to SMR Mar-2023 Release 1 Description: The issue is related to improper privilege management in PhoneStatusBarPolicy, allowing an attacker to turn off 'Do not disturb' via an unprotected intent. Recommendations: For...

6.2CVSS3.9AI score0.00154EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/16 12:0 a.m.30 views

CVE-2023-21458

Improper privilege management vulnerability in PhoneStatusBarPolicy in System UI prior to SMR Mar-2023 Release 1 allows attacker to turn off Do not disturb via unprotected intent...

6.2CVSS6.5AI score0.00154EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/03/16 12:0 a.m.6 views

SAMSUNG Mobile Devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile Devices PhoneStatusBarPolicy in System UI SMR Mar-2023 Release 1 version, which stems from a...

6.2CVSS4.8AI score0.00154EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/09 12:0 a.m.4 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Sep-2022 Release 1 version, which stems from a custom privilege abuse vulnerability...

5.9CVSS5.7AI score0.00086EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/09/09 12:0 a.m.8 views

PT-2022-23665 · Systemui · Systemui

Name of the Vulnerable Software and Affected Versions: SystemUI versions prior to SMR Sep-2022 Release 1 Description: The issue concerns a custom permission misuse vulnerability. This vulnerability allows an attacker to use some protected functions with SystemUI privilege. Recommendations: For...

5.9CVSS5.2AI score0.00086EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2022/08/11 12:0 a.m.6 views

PT-2022-14542 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android version Android-13 Description: In SystemUI, a logic error in the code could lead to the unexpected enabling of the external speaker. This issue may result in local information disclosure without requiring additional execution...

5.5CVSS5.2AI score0.00114EPSS
Exploits0References3
OSV
OSV
added 2022/08/05 4:15 p.m.2 views

CVE-2022-33731

Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components...

7.1CVSS7.2AI score0.00086EPSS
Exploits0References1
OSV
OSV
added 2022/07/12 2:15 p.m.3 views

CVE-2022-34738

The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background...

7.5CVSS5.8AI score0.00494EPSS
Exploits0References2
OSV
OSV
added 2022/02/01 12:0 a.m.30 views

ASB-A-193445603

In onActivityViewReady of DetailDialog.kt, there is a possible Intent Redirect due to a confused deputy. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is needed for exploitation...

7.8CVSS7.8AI score0.00132EPSS
Exploits0References2
OSV
OSV
added 2021/12/15 7:15 p.m.2 views

CVE-2021-0932

In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. This could lead to local escalation of privilege that allows actions performed as the System UI with User execution privileges needed. User interaction is not needed for...

7.8CVSS7.2AI score0.00121EPSS
Exploits0References1
OSV
OSV
added 2021/11/01 12:0 a.m.23 views

ASB-A-173025705

In showNotification of NavigationModeController.java, there is a possible confused deputy due to an unsafe PendingIntent. This could lead to local escalation of privilege that allows actions performed as the System UI with User execution privileges needed. User interaction is not needed for...

7.8CVSS7.8AI score0.00121EPSS
Exploits0References2
OSV
OSV
added 2021/10/06 6:15 p.m.1 views

CVE-2021-25473

Assuming a shell privilege is gained, an improper exception handling for multisimbarhidebymeadiafull value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset...

4.4CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2021/06/22 12:15 p.m.3 views

CVE-2021-0551

In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product:...

6.5CVSS6.7AI score0.00588EPSS
Exploits0References1
OSV
OSV
added 2021/06/01 12:0 a.m.7 views

PUB-A-180518039

In bind of MediaControlPanel.java, there is a possible way to lock up the system UI using a malicious media file due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation...

6.5CVSS6.9AI score0.00588EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2020/10/14 2:15 p.m.2 views

CVE-2020-0415

In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure of contact data with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References2
CNVD
CNVD
added 2020/09/22 12:0 a.m.1 views

Google Android Code Issues Vulnerabilities

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A security vulnerability exists in Android version 11. The vulnerability stems from an uncaught exception in the System UI that causes the system to crash. An attacker can use this vulnerability ...

5.5CVSS6.7AI score0.00139EPSS
Exploits0References1
Rows per page
Query Builder