CVE-2023-21343

State: PUBLISHED · Published: 2023-10-30 · Updated: 2024-09-06 · Assigner: google_android

Description

In ActivityStarter, there is a possible background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CWE

CWE-269 — CWE-269 Improper Privilege Management

Affected

Google / Android — v=14 [affected]

CVSS

(none)

References

https://source.android.com/docs/security/bulletin/android-14

Source

cvelistV5-main/cves/2023/21xxx/CVE-2023-21343.json