In onCreate of ConfirmDialog.java, there is a possible way to connect to VNP bypassing user's consent due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2023-07-12T23:32:23.341Z
Updated: 2024-08-02T09:28:26.118Z
Reserved: 2022-11-03T22:37:50.652Z
Link: CVE-2023-21251
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-07-13T00:15:23.963
Modified: 2023-07-25T14:48:16.247
Link: CVE-2023-21251
Redhat
No data.