CVE-2023-40116

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Oct 27, 2023
Updated: Oct 30, 2023

Summary

CVE-2023-40116 is a vulnerability affecting the background activity launch restrictions in PipTaskOrganizer.java's onTaskAppeared method. The issue stems from a logic error in the code that enables bypassing these restrictions, potentially resulting in local privilege escalation with no extra execution privileges required. Notably, user interaction is unnecessary for successful exploitation.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share