[~]mobilehackerforhire$ hire --now
    cd ../exploit-db
    root@mhfh:~#cat /var/db/exploits/CVE-2023-20963.json
    exploits/CVE-2023-20963.md
    CVE-2023-20963AndroidLPEHigh

    WorkSource parcel mismatch (in-the-wild)

    affected
    ≤13
    disclosed
    2023-03-13
    discovered
    2023-02-20
    patched
    March 2023 ASB
    author
    Google TAG
    platform
    Android

    ## description

    Parcel/unparcel size mismatch in WorkSource allows attacker-controlled bytes to overlap subsequent fields, leading to local privilege escalation. Abused by commercial Android spyware.

    ## impact

    Local privilege escalation from any app to system_server. Used in active spyware campaigns.

    ## mitigation

    March 2023 Android patch level.

    ## proof of concept

    Parcel p = Parcel.obtain();
WorkSource ws = new WorkSource();
p.writeInt(0x1337);
ws.readFromParcel(p);
ws.writeToParcel(p2, 0);

    ## downloads

    ws-lpe.apk
    WorkSource exploit
    94 KB

    ## references