CVE-2023-35674


CVSS 8.8 HIGH · EPSS 2.2% · KEV · CWE-269
In short

A flaw in Android's WindowState allows an app to launch background activities without proper restrictions, potentially letting it gain unauthorized privileges on the device. This happens due to a logic error and doesn't require user interaction.

Technical detail

A logic error in the onCreate method of WindowState.java permits launching background activities without enforcing the intended restrictions, enabling local privilege escalation. The vulnerability requires no additional execution privileges and is exploitable without user interaction, presenting a direct path to unauthorized capability elevation.

Summary generated and translated by AI from the official description.
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products
Google · Android