In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Weakness
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Android | 14.0 (including) | 14.0 (including) | |
| Android | 15.0 (including) | 15.0 (including) | |
| Android | 16.0 (including) | 16.0 (including) | |
| Android | 16.0-qpr2_beta_1 (including) | 16.0-qpr2_beta_1 (including) | |
| Android | 16.0-qpr2_beta_2 (including) | 16.0-qpr2_beta_2 (including) | |
| Android | 16.0-qpr2_beta_3 (including) | 16.0-qpr2_beta_3 (including) |
Potential Mitigations
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/122.html
- https://cwe.mitre.org/data/definitions/233.html
- https://cwe.mitre.org/data/definitions/58.html