High severity7.8NVD Advisory· Published Oct 27, 2023· Updated Jun 17, 2026
CVE-2023-40130
CVE-2023-40130
Description
In notifyTimeout of CallRedirectionProcessor, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege and background activity launch with no additional execution privileges needed. User interaction is not needed for exploitation.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
4- android.googlesource.com/platform/packages/services/Telecomm/+/5b335401d1c8de7d1c85f4a0cf353f7f9fc30218nvdPatch
- source.android.com/security/bulletin/2023-10-01nvdPatchVendor Advisory
- android.googlesource.com/platform/packages/services/Telecomm/+/a43a880beaa6a64348a1d0c821e8c7e98d741a79nvd
- source.android.com/security/bulletin/2025-12-01nvd
News mentions
0No linked articles in our index yet.