CVE-2023-21189

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Jun 28, 2023

Updated: Jul 5, 2023

CWE ID 667

Summary

CVE-2023-21189 is a vulnerability affecting the Android operating system, specifically in the LockTaskController.java file of Android-13. A logic error in the 'startLockTaskMode' function allows for a bypass of lock task mode, granting local escalation of privilege to attackers. No additional execution privileges are required for exploitation, but user interaction is needed to trigger the vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Android

Affected Vendors

Google

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/roJZI3
https://www.cve.org/CVERecord?id=CVE-2023-21189
https://nvd.nist.gov/vuln/detail/CVE-2023-21189

Back to Vulnerability Database