CVE-2023-20772
CVE-2023-20772 affects the vow component, where a missing permission check enables local escalation of privilege without requiring user interaction. The issue can be exploited locally to gain higher privileges, as indicated by the CVSS data (LOCAL vector, high confidentiality/integrity/availabili...