CVE-2023-21231
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Aug 14, 2023
Updated: Aug 18, 2023
Summary
CVE-2023-21231 is a vulnerability affecting the getIntentForButton function in ButtonManager.java. This issue allows an unprivileged application to initiate a non-exported or permission-protected activity without proper permission checks. Consequently, an attacker can exploit this vulnerability to escalate local privileges, gaining elevated access to the system without requiring any additional execution privileges or user interaction.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- Android