CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21128
https://notcve.org/view.php?id=CVE-2023-21128
In various functions of AppStandbyController.java, there is a possible way to break manageability scenarios due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-272042183 • https://source.android.com/security/bulletin/2023-06-01 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21135
https://notcve.org/view.php?id=CVE-2023-21135
In onCreate of NotificationAccessSettings.java, there is a possible failure to persist notifications settings due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-260570119 • https://source.android.com/security/bulletin/2023-06-01 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-21139
https://notcve.org/view.php?id=CVE-2023-21139
In bindPlayer of MediaControlPanel.java, there is a possible launch arbitrary activity in SysUI due to Unsafe Intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-271845008 • https://source.android.com/security/bulletin/2023-06-01 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21105
https://notcve.org/view.php?id=CVE-2023-21105
In multiple functions of ChooserActivity.java, there is a possible cross-user media read due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-261036568 • https://source.android.com/security/bulletin/2023-06-01 •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-21143
https://notcve.org/view.php?id=CVE-2023-21143
In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-268193777 • https://source.android.com/security/bulletin/2023-06-01 • CWE-20: Improper Input Validation •