Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In setLaunchIntent of BluetoothDevicePickerPreferenceController.java, there is a possible way to invoke an arbitrary broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-12Android ID: A-195668284
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Automotive Os 安全漏洞
Vulnerability Description
Google Android Automotive Os是美国谷歌(Google)公司的一种直接在车载硬件上运行的操作系统和平台。 Android Automotive OS中存在安全漏洞,该漏洞源于在 BluetoothDevicePickerPreferenceController.java 的 setLaunchIntent 中,由于代理混淆,有可能调用任意广播接收器。这可能会导致本地权限升级,而无需额外的执行权限。
CVSS Information
N/A
Vulnerability Type
N/A