CVE-2023-40132
CVSS Score
7.8
EPSS Score
0.1%
EPSS Percentile
0th
In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content providers read permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
| Vendor | |
| Product | android |
| Ecosystems | |
| Industries | TechnologyMobile |
| Published | Jan 21, 2025 |
| Last Updated | Jun 18, 2026 |
Stay Ahead of the Next One
Get instant alerts for google android
Be the first to know when new high vulnerabilities affecting google android are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Google / Android
17