4 matches found
CVE-2023-35674
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-35674
The CVE-2023-35674 issue affects the Android Framework, specifically an onCreate path in WindowState.java that can launch a background activity due to a logic error. This enables local elevation of privilege without extra execution privileges and without user interaction. The Android Security Bul...
CVE-2023-35674
creationtimestamp| type| source ---|---|--- 2023-09-06 16:05:21+00:00| exploited| https://t.me/thehackernews/3835 2023-09-06 17:11:46+00:00| seen| Telegram/63J2pVQJBaIknmjZGAIHn5x98Q9jXCZX7v9RgXfkNAcIQ 2023-09-06 18:31:04+00:00| seen| https://t.me/KomunitiSiber/752 2023-09-07 09:36:42+00:00| seen...
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw
Google has rolled out monthly security patches for Android to address a number of flaws, including a zero-day bug that it said may have been exploited in the wild. Tracked as CVE-2023-35674, the high-severity vulnerability is described as a case of privilege escalation impacting the Android...