2 matches found
CVE-2023-21098
In multiple functions of AccountManagerService.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-21098
The CVE-2023-21098 entry affects Android and involves a local elevation of privilege in AccountManagerService.java where a confused deputy could load arbitrary code into the System Settings app. The attached connected exploit notes an ABX injection chain that leverages PackageInstaller.Session an...