CVE-2023-35677

In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...

CVE-2023-35677

CVE-2023-35677 describes a DoS vulnerability in Android where, in the onCreate path of DeviceAdminAdd.java, a missing permission check could allow a device admin to be forcibly added. This enables local denial of service (factory reset or persistent locking) without extra execution privileges and...

CVE-2023-35677

In onCreate of DeviceAdminAdd.java, there is a possible way to forcibly add a device admin due to a missing permission check. This could lead to local denial of service factory reset or continuous locking with no additional execution privileges needed. User interaction is not needed for...

PT-2023-25262 · Google · Android

Name of the Vulnerable Software and Affected Versions: Android affected versions not specified Description: The issue is related to a missing permission check in the onCreate method of DeviceAdminAdd.java, which could allow a device admin to be forcibly added. This could lead to local denial of...

CVE-2021-0600

In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...