PT-2023-29689 · Google · Android

Published 2023-12-01 · Updated 2024-02-02 · CVE-2023-45777

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Android versions prior to the fixed version

Description

The issue is related to a Parcel Mismatch in the checkKeyIntentParceledCorrectly function of AccountManagerService.java. This could allow an attacker to launch arbitrary activities using system privileges, leading to local escalation of privilege without needing additional execution privileges. User interaction is not required for exploitation.

Recommendations

For Android versions prior to the fixed version, consider restricting access to the AccountManagerService to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Related Identifiers

ASB-A-299930871
CVE-2023-45777

Affected Products

Android