2 matches found
CVE-2023-20915
In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f...
CVE-2023-20915
CVE-2023-20915 concerns a logic error in PhoneAccountRegistrar.java (Android framework) that can allow enabling a phone account without user interaction. The issue enables local escalation of privilege with no additional execution privileges, impacting Android 10–13 per the CVE record. The proble...