CVE-2023-40094 - OpenCVE

In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android

Configuration 1 [-]

OR	cpe:2.3:o:google:android:11.0:::::::*
	cpe:2.3:o:google:android:12.0:::::::*
	cpe:2.3:o:google:android:12.1:::::::*
	cpe:2.3:o:google:android:13.0:::::::*
	cpe:2.3:o:google:android:14.0:::::::*

No data.

References

Link	Providers
https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7
https://source.android.com/security/bulletin/2023-12-01

History

No history.

MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2023-12-04T22:40:53.676Z

Updated: 2024-08-28T17:42:28.539Z

Reserved: 2023-08-09T02:29:30.482Z

Link: CVE-2023-40094

Vulnrichment

Updated: 2024-08-02T18:24:55.273Z

NVD

Status : Analyzed

Published: 2023-12-04T23:15:24.493

Modified: 2024-02-02T03:10:05.053

Link: CVE-2023-40094

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-40094", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "state": "PUBLISHED", "assignerShortName": "google_android", "dateReserved": "2023-08-09T02:29:30.482Z", "datePublished": "2023-12-04T22:40:53.676Z", "dateUpdated": "2024-08-28T17:42:28.539Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2023-12-22T00:16:51.365Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Elevation of privilege"}]}], "affected": [{"vendor": "Google", "product": "Android", "versions": [{"version": "14", "status": "affected"}, {"version": "13", "status": "affected"}, {"version": "12L", "status": "affected"}, {"version": "12", "status": "affected"}, {"version": "11", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}], "references": [{"url": "https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7"}, {"url": "https://source.android.com/security/bulletin/2023-12-01"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:24:55.273Z"}, "title": "CVE Program Container", "references": [{"url": "https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7", "tags": ["x_transferred"]}, {"url": "https://source.android.com/security/bulletin/2023-12-01", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-08-28T17:42:04.875585Z", "id": "CVE-2023-40094", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T17:42:28.539Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7", "tags": ["x_transferred"]}, {"url": "https://source.android.com/security/bulletin/2023-12-01", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T18:24:55.273Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-40094", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-08-28T17:42:04.875585Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-08-28T17:42:18.658Z"}}], "cna": {"affected": [{"vendor": "Google", "product": "Android", "versions": [{"status": "affected", "version": "14"}, {"status": "affected", "version": "13"}, {"status": "affected", "version": "12L"}, {"status": "affected", "version": "12"}, {"status": "affected", "version": "11"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7"}, {"url": "https://source.android.com/security/bulletin/2023-12-01"}], "descriptions": [{"lang": "en", "value": "In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "Elevation of privilege"}]}], "providerMetadata": {"orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android", "dateUpdated": "2023-12-22T00:16:51.365Z"}}}, "cveMetadata": {"cveId": "CVE-2023-40094", "state": "PUBLISHED", "dateUpdated": "2024-08-28T17:42:28.539Z", "dateReserved": "2023-08-09T02:29:30.482Z", "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "datePublished": "2023-12-04T22:40:53.676Z", "assignerShortName": "google_android"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*", "matchCriteriaId": "109DD7FD-3A48-4C3D-8E1A-4433B98E1E64", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*", "matchCriteriaId": "F8FB8EE9-FC56-4D5E-AE55-A5967634740C", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*", "matchCriteriaId": "C64C1583-CDE0-4C1F-BDE6-05643C1BDD72", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*", "matchCriteriaId": "879FFD0C-9B38-4CAA-B057-1086D794D469", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:14.0:*:*:*:*:*:*:*", "matchCriteriaId": "2700BCC5-634D-4EC6-AB67-5B678D5F951D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In keyguardGoingAway of ActivityTaskManagerService.java, there is a possible lock screen bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation."}, {"lang": "es", "value": "En keyguardGoingAway de ActivityTaskManagerService.java, existe una posible omisi\u00f3n de la pantalla de bloqueo debido a una falta de verificaci\u00f3n de permisos. Esto podr\u00eda conducir a una escalada local de privilegios sin necesidad de permisos de ejecuci\u00f3n adicionales. La interacci\u00f3n del usuario no es necesaria para la explotaci\u00f3n."}], "id": "CVE-2023-40094", "lastModified": "2024-02-02T03:10:05.053", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2023-12-04T23:15:24.493", "references": [{"source": "security@android.com", "tags": ["Mailing List", "Patch"], "url": "https://android.googlesource.com/platform/frameworks/base/+/1120bc7e511710b1b774adf29ba47106292365e7"}, {"source": "security@android.com", "tags": ["Vendor Advisory"], "url": "https://source.android.com/security/bulletin/2023-12-01"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-862"}], "source": "nvd@nist.gov", "type": "Primary"}]}