← voltar
CVE-2023-35669

CVE-2023-35669

EPSS 0.1%
In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Produtos afetados
Google · Android

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6https://source.android.com/security/bulletin/2023-09-01