CVE-2023-45779

HIGH

Android APEX Module Framework - Local Privilege Escalation via Improper Cryptographic Validation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-45779. PoCs published by metaredteam.

AI-analyzed exploit summary This repository contains functional exploit code and scripts to detect and exploit Android devices with APEX files signed using test keys. It includes tools to unpack, modify, and repack APEX files, as well as a library to demonstrate code execution.

Description

In the APEX module framework of AOSP, there is a possible malicious update to platform components due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. More details on this can be found in the referenced links.

Exploits (1)

nomisec WORKING POC 103 stars
by metaredteam · poc
https://github.com/metaredteam/rtx-cve-2023-45779

This repository contains functional exploit code and scripts to detect and exploit Android devices with APEX files signed using test keys. It includes tools to unpack, modify, and repack APEX files, as well as a library to demonstrate code execution.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Android devices with vulnerable APEX files
Auth required
Prerequisites: AOSP source tree · ADB access to the target device · Test keys for the appropriate VNDK version
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

Scores

CVSS v3 7.8
EPSS 0.0033
EPSS Percentile 25.3%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
google/android
Published Dec 04, 2023
Tracked Since Feb 18, 2026