mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-29 20:39:28 +02:00
0xMarcio
849 B
849 B
CVE-2023-21292
Description
In openContentUri of ActivityManagerService.java, there is a possible way for a third party app to obtain restricted files due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
POC
Reference
- https://android.googlesource.com/platform/frameworks/base/+/d10b27e539f7bc91c2360d429b9d05f05274670d
Github
No PoCs found on GitHub currently.