Bypassing Factory Reset Protection through Incorrect UI Display in onPrimaryClipChanged

Bypassing Factory Reset Protection through Incorrect UI Display in onPrimaryClipChanged

CVE-2023-20953 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

In onPrimaryClipChanged of ClipboardListener.java, there is a possible way to bypass factory reset protection due to incorrect UI being shown prior to setup completion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251778420

Learn more about our Cis Benchmark Audit For Google Android.