Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
Max CVSS
6.3
EPSS Score
0.09%
Published
2023-12-08
Updated
2024-01-05
The vulnerability is the use of implicit PendingIntents without the PendingIntent.FLAG_IMMUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Personalized service ("com.lge.abba") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-10-02
The vulnerability is the use of implicit PendingIntents with the PendingIntent.FLAG_MUTABLE set that leads to theft and/or (over-)write of arbitrary files with system privilege in the Bluetooth ("com.lge.bluetoothsetting") app. The attacker's app, if it had access to app notifications, could intercept them and redirect them to its activity, before making it grant access permissions to content providers with the `android:grantUriPermissions="true"` flag.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-10-02
In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-09-11
Updated
2023-09-14
In Bluetooth, there is a possible way for a paired Bluetooth device to access a long term identifier for an Android device due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Max CVSS
5.0
EPSS Score
0.04%
Published
2023-10-30
Updated
2023-11-06
In SEPolicy, there is a possible way to access the factory MAC address due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
4.4
EPSS Score
0.04%
Published
2023-10-30
Updated
2023-11-06
In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240428519References: N/A
Max CVSS
6.8
EPSS Score
0.05%
Published
2023-01-26
Updated
2023-02-01
In getPendingIntentLaunchFlags of ActivityOptions.java, there is a possible elevation of privilege due to a confused deputy with no additional execution privileges needed. User interaction is not needed for exploitation.
Max CVSS
9.8
EPSS Score
0.08%
Published
2023-07-13
Updated
2023-07-25
In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-243130512
Max CVSS
5.5
EPSS Score
0.04%
Published
2023-04-19
Updated
2023-04-25
Elevation of privilege
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-11-29
Updated
2023-12-05
Elevation of privilege
Max CVSS
9.8
EPSS Score
0.06%
Published
2023-11-29
Updated
2023-12-05
In trusty_ffa_mem_reclaim of shared-mem-smcall.c, there is a possible privilege escalation due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-237838301References: N/A
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-12-16
Updated
2022-12-21
Improper access control vulnerability in SecTelephonyProvider prior to SMR Dec-2022 Release 1 allows attackers to access message information.
Max CVSS
3.3
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-12
Implicit intent hijacking vulnerability in Telecom application prior to SMR Dec-2022 Release 1 allows attacker to access sensitive information via implicit intent.
Max CVSS
5.5
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-10
Improper access control vulnerability in Nice Catch prior to SMR Dec-2022 Release 1 allows physical attackers to access contents of all toast generated in the application installed in Secure Folder through Nice Catch.
Max CVSS
4.6
EPSS Score
0.05%
Published
2022-12-08
Updated
2022-12-12
Improper authentication vulnerability in Samsung WindowManagerService prior to SMR Dec-2022 Release 1 allows attacker to send the input event using S Pen gesture.
Max CVSS
5.7
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-12
Improper access control vulnerability in IIccPhoneBook prior to SMR Dec-2022 Release 1 allows attackers to access some information of usim.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-12
Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-09
Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-09
Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent.
Max CVSS
4.0
EPSS Score
0.04%
Published
2022-12-08
Updated
2022-12-09
Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.
Max CVSS
4.3
EPSS Score
0.04%
Published
2022-11-09
Updated
2023-07-14
Improper access control vulnerability in IImsService prior to SMR Nov-2022 Release 1 allows local attacker to access to Call information.
Max CVSS
4.3
EPSS Score
0.04%
Published
2022-11-09
Updated
2022-11-10
Improper authorization vulnerability in StorageManagerService prior to SMR Nov-2022 Release 1 allows local attacker to call privileged API.
Max CVSS
7.8
EPSS Score
0.04%
Published
2022-11-09
Updated
2023-07-14
Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.
Max CVSS
5.9
EPSS Score
0.04%
Published
2022-11-09
Updated
2023-06-27
Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices.
Max CVSS
5.1
EPSS Score
0.04%
Published
2022-10-07
Updated
2022-10-11
477 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!