{"vulnerability": "CVE-2023-20971", "sightings": [{"uuid": "5d442cbc-0f5b-482e-9ae3-16539bb69349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20971", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5321", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-20971\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In removePermission of PermissionManagerServiceImpl.java, there is a possible way to obtain dangerous permissions without user consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-25T16:02:36.062Z\n\ud83d\udd17 References:\n1. https://android.googlesource.com/platform/frameworks/base/+/6c22d6c1e69676c5c68d21928aa5486bfd1bd131\n2. https://source.android.com/security/bulletin/2024-08-01", "creation_timestamp": "2025-02-25T16:23:07.000000Z"}, {"uuid": "626e5b31-e54f-4ba0-9212-34c92362b777", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-20971", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1246", "content": "\ud83d\udccd#\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0686\u0646\u062f\u06cc\u0646 #\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a #\u0633\u0627\u0645\u0633\u0648\u0646\u06af\n\n\u062f\u0631 \u062a\u0627\u0631\u06cc\u062e 6 #\u0622\u06af\u0648\u0633\u062a 2024\u060c \u067e\u0698\u0648\u0647\u0634\u06af\u0631\u0627\u0646 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0648\u0641\u0642 \u0628\u0647 \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0645\u062c\u0645\u0648\u0639\u0647\u200c\u0627\u06cc \u0627\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0634\u062f\u0646\u062f. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c \u06a9\u0647 \u062f\u0627\u0631\u0627\u06cc \u0633\u0637\u062d \u062a\u0647\u062f\u06cc\u062f #\u0645\u062a\u0648\u0633\u0637 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u0634\u062f\u0647\u200c\u0627\u0646\u062f\u060c \u0627\u0645\u06a9\u0627\u0646 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u0645\u062a\u0639\u062f\u062f\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc\u200c\u0622\u0648\u0631\u0646\u062f.\n\n#\u0627\u062b\u0631\u06af\u0630\u0627\u0631\u06cc \u0648 #\u062e\u0637\u0631\u0627\u062a:\n\u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0628\u0631\u0627\u06cc #\u0627\u062c\u0631\u0627\u06cc_\u06a9\u062f_\u062f\u0644\u062e\u0648\u0627\u0647 \u062e\u0648\u062f \u0628\u0631 \u0631\u0648\u06cc \u0633\u06cc\u0633\u062a\u0645\u200c\u0647\u0627\u06cc \u0647\u062f\u0641\u060c #\u0627\u06cc\u062c\u0627\u062f_\u0627\u062e\u062a\u0644\u0627\u0644_\u062f\u0631_\u0633\u0631\u0648\u06cc\u0633\u200c\u062f\u0647\u06cc\u060c #\u0627\u0641\u0632\u0627\u06cc\u0634_\u0633\u0637\u062d_\u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u0648\u062f\u060c #\u0627\u0641\u0634\u0627\u06cc_\u0627\u0637\u0644\u0627\u0639\u0627\u062a_\u062d\u0633\u0627\u0633 \u0648 #\u062f\u0648\u0631_\u0632\u062f\u0646_\u0645\u06a9\u0627\u0646\u06cc\u0632\u0645\u200c\u0647\u0627\u06cc_\u0627\u0645\u0646\u06cc\u062a\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0646\u0645\u0627\u06cc\u0646\u062f.\n\n#\u0645\u062d\u0635\u0648\u0644\u0627\u062a_\u062a\u062d\u062a_\u062a\u0623\u062b\u06cc\u0631:\n\u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0645\u062e\u062a\u0644\u0641 #\u0633\u06cc\u0633\u062a\u0645\u200c\u0639\u0627\u0645\u0644_\u0627\u0646\u062f\u0631\u0648\u06cc\u062f (12\u060c 13 \u0648 14) \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 #Wear_OS_4.0 \u0627\u0632 \u062c\u0645\u0644\u0647 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0647\u0633\u062a\u0646\u062f.\n\n#\u0627\u0642\u062f\u0627\u0645\u0627\u062a_\u0645\u0642\u0627\u0628\u0644\u0647\u200c\u0627\u06cc:\n\u0628\u0647 \u0645\u0646\u0638\u0648\u0631 \u06a9\u0627\u0647\u0634 \u062e\u0637\u0631 \u0646\u0627\u0634\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u060c \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0628\u0647 \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u06a9\u0646\u062f \u06a9\u0647 #\u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc_\u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0631\u0627\u0626\u0647 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0634\u0631\u06a9\u062a \u0631\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0646\u0635\u0628 \u0646\u0645\u0627\u06cc\u0646\u062f. \u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u062e\u0635\u0648\u0635 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0648 \u0646\u062d\u0648\u0647 \u0631\u0641\u0639 \u0622\u0646\u200c\u0647\u0627\u060c \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0628\u0647 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a\u200c\u0647\u0627\u06cc \u0632\u06cc\u0631 \u0645\u0631\u0627\u062c\u0639\u0647 \u0646\u0645\u0627\u06cc\u0646\u062f:\n\n#\u0633\u0627\u0645\u0633\u0648\u0646\u06af_\u0646\u06cc\u0645\u0647\u200c\u0631\u0633\u0627\u0646\u0627:\n \ud83c\udf10 https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n#\u0633\u0627\u0645\u0633\u0648\u0646\u06af_\u0645\u0648\u0628\u0627\u06cc\u0644:\n \ud83c\udf10 https://security.samsungmobile.com/securityUpdate.smsb\n\n#\u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc_CVE:\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647\u060c \u062f\u0627\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0647\u200c\u0647\u0627\u06cc CVE-2023-20971 \u062a\u0627 CVE-2024-36971 \u0645\u06cc\u200c\u0628\u0627\u0634\u0646\u062f.\n\n#\u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627:\n#\u0646\u0635\u0628_\u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627: \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0627\u06cc\u062f \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc\u200c\u0647\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631\u06cc \u0627\u0631\u0627\u0626\u0647 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0631\u0627 \u0628\u0647\u200c\u0637\u0648\u0631 \u0645\u0631\u062a\u0628 \u0646\u0635\u0628 \u0646\u0645\u0627\u06cc\u0646\u062f.\n#\u0645\u0631\u0627\u062c\u0639\u0647_\u0628\u0647_\u0645\u0646\u0627\u0628\u0639_\u0631\u0633\u0645\u06cc: \u0628\u0631\u0627\u06cc \u06a9\u0633\u0628 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062f\u0642\u06cc\u0642\u200c\u062a\u0631 \u062f\u0631 \u062e\u0635\u0648\u0635 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627 \u0648 \u0631\u0627\u0647\u06a9\u0627\u0631\u0647\u0627\u06cc \u0645\u0642\u0627\u0628\u0644\u0647 \u0628\u0627 \u0622\u0646\u200c\u0647\u0627\u060c \u0628\u0647 \u0648\u0628\u200c\u0633\u0627\u06cc\u062a\u200c\u0647\u0627\u06cc \u0631\u0633\u0645\u06cc \u0633\u0627\u0645\u0633\u0648\u0646\u06af \u0645\u0631\u0627\u062c\u0639\u0647 \u0646\u0645\u0627\u06cc\u06cc\u062f.\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities_20240806\n\n\ud83d\udccd #Identification of #Multiple_Vulnerabilities in #Samsung_Products\n\nOn August 6, 2024, #security_researchers identified a series of #vulnerabilities in various Samsung products. These vulnerabilities, rated as #medium_threat_level, present several #exploitation_opportunities for #attackers.\n\n### Impact and Risks:\nAttackers can leverage these vulnerabilities to #execute_arbitrary_code on target systems, cause #service_disruptions, escalate privileges, disclose #sensitive_information, and bypass #security_mechanisms.\n\n### Affected Products:\n- #Android_OS versions 12, 13, and 14\n- #Wear_OS 4.0\n\n### Mitigation Measures:\nTo mitigate the risks associated with these vulnerabilities, #Samsung advises users to promptly install the #security_updates provided by the company. For more detailed information about the vulnerabilities and how to resolve them, users can visit the following websites:\n\n- Samsung Semiconductor:\n\ud83c\udf10 https://semiconductor.samsung.com/support/quality-support/product-security-updates/\n- Samsung Mobile:\n\ud83c\udf10 https://security.samsungmobile.com/securityUpdate.smsb\n\n### #CVE_Identifiers:\nThe identified vulnerabilities have been assigned CVE identifiers ranging from CVE-2023-20971 to CVE-2024-36971.\n\n### Recommendations:\n- #Install_Updates: Users should regularly install software updates provided by Samsung.\n- #Consult_Official_Resources: For detailed information on vulnerabilities and countermeasures, refer to Samsung's official websites.\n\n\ud83d\udd17 Read the full article:\n\n\ud83c\udf10 https://www.hkcert.org/security-bulletin/samsung-products-multiple-vulnerabilities_20240806", "creation_timestamp": "2024-08-10T11:30:23.000000Z"}]}