CVE-2023-40130

HIGH

CallRedirectionProcessor - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-40130. PoCs published by wrlu.

AI-analyzed exploit summary: This repository contains a functional proof-of-concept exploit for CVE-2023-40130, demonstrating a local privilege escalation vulnerability in Android's CallRedirectionService. The exploit leverages a JobService to execute arbitrary activities via PendingIntent, bypassing intended restrictions.

Description

In notifyTimeout of CallRedirectionProcessor, there is a possible permission bypass due to a logic error in the code. This could lead to local escalation of privilege and background activity launch with no additional execution privileges needed. User interaction is not needed for exploitation.

Exploits (1)

nomisec WORKING POC 12 stars
by wrlu · poc
https://github.com/wrlu/CVE-2023-40130


Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Android (specific versions affected by CVE-2023-40130)
Auth required
Prerequisites: Call Redirection role access · Android device with vulnerable version
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3: 7.8
EPSS: 0.0011
EPSS Percentile: 1.6%
Attack Vector: LOCAL
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

Status: published
Products (4):
google/android 11.0
google/android 12.0
google/android 12.1
google/android 13.0
Published: Oct 27, 2023
Tracked Since: Feb 18, 2026