Lucene search
Google_androidVULNRICHMENT:CVE-2023-35669HistorySep 11, 2023 - 8:09 p.m.
CVE-2023-35669
2023-09-1120:09:52
google_android
github.com
accountmanagerservice
privilege escalation
unsafe deserialization
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
ADP Affected
[
{
"cpes": [
"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
],
"vendor": "google",
"product": "android",
"versions": [
{
"status": "affected",
"version": "11"
},
{
"status": "affected",
"version": "12"
},
{
"status": "affected",
"version": "12l"
},
{
"status": "affected",
"version": "13"
}
],
"defaultStatus": "unknown"
}
]Related
osv
osv
nvd
nvd
CVE-2023-35669
2023-09-11 21:15:41
cnvd
cnvd
Google Android elevation of privilege vulnerability (CNVD-2023-75536)
2023-09-12 00:00:00
prion
prion
Deserialization of untrusted data
2023-09-11 21:15:00
cvelist
cvelist
CVE-2023-35669
2023-09-11 20:09:52
cve
cve
CVE-2023-35669
2023-09-11 21:15:41
githubexploit
githubexploit
Exploit for CVE-2023-45777
2024-01-20 07:14:06
AI Score
7.1
Confidence
High
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-35669