Lucene search

GoogleOSV:ASB-A-223793631

HistorySep 01, 2023 - 12:00 a.m.

Privilege Escalation in com.android.providers.media.MediaProvider#DatabaseUtils.bindSelection

2023-09-0100:00:00

Google

osv.dev

privilege escalation

sql injection

mediaprovider

databaseutils

files

information disclosure

android security

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

In bindSelection of DatabaseUtils.java, there is a possible way to access files from other applications due to SQL injection. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.

CPENameOperatorVersion
platform/packages/providers/mediaprovidereq13
platform/packages/providers/mediaprovidereq11
platform/packages/providers/mediaprovidereq12
platform/packages/providers/mediaprovidereq12L

Name	Operator	Version
platform/packages/providers/mediaprovider	eq	13
platform/packages/providers/mediaprovider	eq	11
platform/packages/providers/mediaprovider	eq	12
platform/packages/providers/mediaprovider	eq	12L

References

android.googlesource.com/platform/packages/providers/MediaProvider/+/23d156ed1bed6d2c2b325f0be540d0afca510c49

source.android.com/security/bulletin/2023-09-01

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

7.3 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

Related for OSV:ASB-A-223793631