CVE-2023-20963 - Android Framework Privilege Escalation Vulnerability

Vulnerability Name

Android Framework Privilege Escalation Vulnerability

Description

Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes

https://source.android.com/docs/security/bulletin/2023-03-01

https://nvd.nist.gov/vuln/detail/CVE-2023-20963