CVE-2023-35670

Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 11/09/2023 Updated: 14/09/2023

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 0

In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 11.0
google android 12.0
google android 12.1
google android 13.0

CWE-22 https://source.android.com/security/bulletin/2023-09-01 https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2023-35670

Vulnerability Summary

References

Vulmon Search

About

Products

Connect