CVE-2023-40132

High

Published: 21 January 2025

Published

21 January 2025

Modified

22 April 2025

KEV Added

—

Patch

—

CVSS Score 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score 0.0000 0.2th percentile

Risk Priority 16 60% EPSS · 20% KEV · 20% CVSS

Description

In setActualDefaultRingtoneUri of RingtoneManager.java, there is a possible way to bypass content providers read permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Security Summary

CVE-2023-40132 is a vulnerability in the setActualDefaultRingtoneUri method of RingtoneManager.java within the Android framework. It stems from a missing permission check that allows bypassing content provider read permissions, classified under CWE-276 (Incorrect Default Permissions). The issue carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2025-01-21.

A local attacker with low privileges can exploit this vulnerability to achieve escalation of privilege without needing additional execution privileges. Although the CVSS vector indicates no user interaction (UI:N), the description specifies that user interaction is required for exploitation. Successful exploitation grants high confidentiality, integrity, and availability impacts.

The Android Security Bulletin at https://source.android.com/security/bulletin/2025-01-01 provides details on patches and mitigation steps for affected Android versions. Security practitioners should apply these updates promptly to address the permission bypass.

Details

CWE(s): CWE-276

Affected Products

google

android

12.0, 12.1, 13.0, 14.0

References

https://source.android.com/security/bulletin/2025-01-01
Vendor Advisory · security@android.com