CVE-2023-21135
published 2023-06-15CVE-2023-21135: In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | frameworks_base | >= 11:0 < 11:2023-06-01 | 11:2023-06-01 |
| platform | frameworks_base | >= 12:0 < 12:2023-06-01 | 12:2023-06-01 |
| platform | frameworks_base | >= 12L:0 < 12L:2023-06-01 | 12L:2023-06-01 |
| platform | frameworks_base | >= 13-next:0 < 13-next:2023-06-01 | 13-next:2023-06-01 |
| platform | frameworks_base | >= 13:0 < 13:2023-06-01 | 13:2023-06-01 |
| platform | packages_apps_settings | >= 11:0 < 11:2023-06-01 | 11:2023-06-01 |
| platform | packages_apps_settings | >= 12:0 < 12:2023-06-01 | 12:2023-06-01 |
| platform | packages_apps_settings | >= 12L:0 < 12L:2023-06-01 | 12L:2023-06-01 |
| platform | packages_apps_settings | >= 13-next:0 < 13-next:2023-06-01 | 13-next:2023-06-01 |
| platform | packages_apps_settings | >= 13:0 < 13:2023-06-01 | 13:2023-06-01 |