Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In updatePermissionSourcePackage of PermissionManagerService.java, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege allowing a malicious app to silently gain access to a dangerous permission with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Android ID: A-155648771.
No PoCs from references.
- https://github.com/Ghizmoo/DroidSolver
- https://github.com/SpiralBL0CK/Guide-and-theoretical-code-for-CVE-2023-35674
- https://github.com/TinyNiko/android_bulletin_notes