Platform Packages Apps Settings vulnerabilities

CVE-2023-21005 CVE-2023-21005: In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21015 CVE-2023-21015: In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21001 CVE-2023-21001: In onContextItemSelected of NetworkProviderSettings In onContextItemSelected of NetworkProviderSettings.java, there is a possible way for users to change the Wi-Fi settings of other users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21002 CVE-2023-21002: In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-20955 CVE-2023-20955: In onPrepareOptionsMenu of AppInfoDashboardFragment In onPrepareOptionsMenu of AppInfoDashboardFragment.java, there is a possible way to bypass admin restrictions and uninstall applications for all users due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21003 CVE-2023-21003: In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-20960 CVE-2023-20960: In launchDeepLinkIntentToRight of SettingsHomepageActivity In launchDeepLinkIntentToRight of SettingsHomepageActivity.java, there is a possible way to launch arbitrary activities due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21004 CVE-2023-21004: In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-21024 CVE-2023-21024: In maybeFinish of FallbackHome In maybeFinish of FallbackHome.java, there is a possible delay of lockdown screen due to logic error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-20957 CVE-2023-20957: In onAttach of SettingsPreferenceFragment In onAttach of SettingsPreferenceFragment.java, there is a possible bypass of Factory Reset Protections due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-20959 CVE-2023-20959: In AddSupervisedUserActivity, guest users are not prevented from starting the activity due to missing permissions checks In AddSupervisedUserActivity, guest users are not prevented from starting the activity due to missing permissions checks. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-20946 CVE-2023-20946: In onStart of BluetoothSwitchPreferenceController In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2023-20904 CVE-2023-20904: In getTrampolineIntent of SettingsActivity In getTrampolineIntent of SettingsActivity.java, there is a possible launch of arbitrary activity due to an Intent mismatch in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20506 CVE-2022-20506: In onCreate of WifiDialogActivity In onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest user with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20508 CVE-2022-20508: In onAttach of ConfigureWifiSettings In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20144 CVE-2022-20144: In cropPhoto of EditUserPhotoController In cropPhoto of EditUserPhotoController.java, there is a possible access to content owned by system content providers due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20519 CVE-2022-20519: In onCreate of AddAppNetworksActivity In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20556 CVE-2022-20556: In launchConfigNewNetworkFragment of NetworkProviderSettings In launchConfigNewNetworkFragment of NetworkProviderSettings.java, there is a possible way for the guest user to add a new WiFi network due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20537 CVE-2022-20537: In createDialog of WifiScanModeActivity In createDialog of WifiScanModeActivity.java, there is a possible way for a Guest user to enable location-sensitive settings due to a missing permission check. This could lead to local escalation of privilege from the Guest user with no additional execution privileges needed. User interaction is not needed for exploitation.

CVE-2022-20466 CVE-2022-20466: In applyKeyguardFlags of NotificationShadeWindowControllerImpl In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.