5 matches found
CVE-2023-21177
In requestAppKeyboardShortcuts of WindowManagerService.java, there is a possible way to infer the app a user is interacting with due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20192
CVE-2022-20192 affects Android 12L and relates to grantEmbeddedWindowFocus in WindowManagerService, enabling a permissions bypass that could let an attacker change an input channel in the embedded hierarchy and escalate privileges locally without user interaction. The available documents describe...
Design/Logic Flaw
In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for...
CVE-2020-0475
CVE-2020-0475 affects Android 11: a missing permission check in WindowManagerService.createInputConsumer enables a local elevation of privilege by intercepting input events. Exploitation requires user interaction; no remote access assumed. Public sources (Red Hat, NVD, CVE lists) ...
CVE-2020-0099
CVE-2020-0099 affects Android 8.0–10 and involves WindowManagerService.addWindow, where an insecure default value enables a possible window overlay attack (tapjacking) leading to local privilege escalation. Exploitation requires user interaction in the documented reports, and the issue is cat...