CVE-2023-20963

HIGH Year: 2023
CVSS v3 Score
7.8
High
Weakness Type
CWE-295
View all →

Vulnerability Description

In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519

Related Vulnerabilities

CVE-2018-10403

HIGH
CVSS:7.8(High)

An issue was discovered in F-Secure XFENCE and Little Flocker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/...

CWE-2952018

CVE-2018-10404

HIGH
CVSS:7.8(High)

An issue was discovered in Objective-See KnockKnock, LuLu, TaskExplorer, WhatsYourSign, and procInfo. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not compl...

CWE-2952018

CVE-2018-10405

HIGH
CVSS:7.8(High)

An issue was discovered in Google Santa and molcodesignchecker. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal...

CWE-2952018

CVE-2018-10406

HIGH
CVSS:7.8(High)

An issue was discovered in Yelp OSXCollector. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the u...

CWE-2952018

CVE-2018-10408

HIGH
CVSS:7.8(High)

An issue was discovered in VirusTotal. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of ...

CWE-2952018

CVE-2020-8289

HIGH
CVSS:7.8(High)

Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where v...

CWE-2952020