CVE-2023-35674
| CVE Published | 2023-09-11 |
|---|---|
| Related Vendor(s) | |
| Related Product(s) | android |
| Exploitation Reported (CISA KEV) | 2023-09-13 |
| CVSS 3 Base Score | 7.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph