CVE-2023-20963 PoC — Google Android 信任管理问题漏洞

Source

Associated Vulnerability

Title:Google Android 信任管理问题漏洞 (CVE-2023-20963)
Description:In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519

Description

CVE-2023-20963 PoC (Android WorkSource parcel/unparcel logic mismatch)

File Snapshot


 [4.0K]  /data/pocs/86d5acb16c2ccbc40dd63759487ce8784475a0eb
├── [4.0K]  app
│   ├── [ 507]  build.gradle
│   ├── [  65]  proguard-rules.pro
│   └── [4.0K]  src
│       └── [4.0K]  main
│           ├── [1.3K]  AndroidManifest.xml
│           ├── [4.0K]  java
│           │   └── [4.0K]  com
│           │       └── [4.0K]  example
│           │           └── [4.0K]  badparcel
│           │               ├── [ 388]  AuthenticatorService.java
│           │               ├── [ 752]  MainActivity.java
│           │               └── [4.0K]  MyAuthenticator.java
│           └── [4.0K]  res
│               └── [4.0K]  xml
│                   └── [ 314]  authenticator.xml
├── [4.0K]  docs
│   ├── [4.8M]  CVE-2023-20963.gif
│   └── [ 680]  README.md
├── [4.0K]  gradle
│   └── [4.0K]  wrapper
│       ├── [ 42K]  gradle-wrapper.jar
│       └── [ 250]  gradle-wrapper.properties
├── [1.2K]  gradle.properties
├── [8.5K]  gradlew
├── [2.8K]  gradlew.bat
└── [ 317]  settings.gradle

12 directories, 15 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!