PUB-A-250573776
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/PUB-A-250573776.json
- JSON Data
- https://api.osv.dev/v1/vulns/PUB-A-250573776
- Aliases
-
- A-250573776
- CVE-2023-20975
- Published
- 2023-06-01T00:00:00Z
- Modified
- 2025-06-30T14:52:47.841487Z
- Summary
- [none]
- Details
-
In getAvailabilityStatus of EnableContentCapturePreferenceController.java, there is a possible way to bypass DISALLOWCONTENTCAPTURE due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"severity": "Moderate",
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/a1ca72224da3a87d3117e764dfea35e03f62a182"
],
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a1ca72224da3a87d3117e764dfea35e03f62a182",
"id": "PUB-A-250573776-5b7f6683",
"signature_version": "v1",
"digest": {
"length": 166.0,
"function_hash": "258326527094683490707070192044831391883"
},
"signature_type": "Function",
"match_only_versions": [
"13-next"
],
"deprecated": false,
"target": {
"function": "getAvailabilityStatus",
"file": "src/com/android/settings/privacy/EnableContentCapturePreferenceController.java"
}
},
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a1ca72224da3a87d3117e764dfea35e03f62a182",
"id": "PUB-A-250573776-fc2eddb4",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"230878898972108947448676599731865036895",
"29929630303618403406873241733712735071",
"43171703898393838406260968717756894712",
"202220144456139908321737172207194654673",
"141297438035133473302776685006771028195",
"314980342124334971502357072826993007426",
"198523617367747830504737027296671495035",
"321352975154569528164620798525210741119",
"167566222161009494756955802324480295557"
]
},
"signature_type": "Line",
"match_only_versions": [
"13-next"
],
"deprecated": false,
"target": {
"file": "src/com/android/settings/privacy/EnableContentCapturePreferenceController.java"
}
}
],
"types": [
"EoP"
]
}
Android / platform/packages/apps/Settings
Package
Ecosystem specific
{
"severity": "Moderate",
"spl": "2023-06-01",
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/a1ca72224da3a87d3117e764dfea35e03f62a182"
],
"vanir_signatures": [
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a1ca72224da3a87d3117e764dfea35e03f62a182",
"id": "PUB-A-250573776-25881a26",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"230878898972108947448676599731865036895",
"29929630303618403406873241733712735071",
"43171703898393838406260968717756894712",
"202220144456139908321737172207194654673",
"141297438035133473302776685006771028195",
"314980342124334971502357072826993007426",
"198523617367747830504737027296671495035",
"321352975154569528164620798525210741119",
"167566222161009494756955802324480295557"
]
},
"signature_type": "Line",
"match_only_versions": [
"13"
],
"deprecated": false,
"target": {
"file": "src/com/android/settings/privacy/EnableContentCapturePreferenceController.java"
}
},
{
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a1ca72224da3a87d3117e764dfea35e03f62a182",
"id": "PUB-A-250573776-f7ef60d9",
"signature_version": "v1",
"digest": {
"length": 166.0,
"function_hash": "258326527094683490707070192044831391883"
},
"signature_type": "Function",
"match_only_versions": [
"13"
],
"deprecated": false,
"target": {
"function": "getAvailabilityStatus",
"file": "src/com/android/settings/privacy/EnableContentCapturePreferenceController.java"
}
}
],
"types": [
"EoP"
]
}