Login Sign Up

CVE-2023-29755

7.8 HIGH

📋 TL;DR

This vulnerability in Twilight v.13.3 for Android allows unauthorized apps to escalate privileges by manipulating SharedPreference files. Attackers can gain elevated permissions without user interaction, affecting all users of this specific Android application version.

💻 Affected Systems

Products:
  • Twilight (Android app)
Versions: v.13.3
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Twilight v.13.3 for Android. Requires malicious app installation on same device.

📦 What is this software?

Twilight by Urbanandroid

View all CVEs affecting Twilight →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of the Twilight app's functionality, allowing attackers to execute arbitrary code with app permissions, potentially accessing sensitive data or performing unauthorized actions.

🟠

Likely Case

Unauthorized apps gaining elevated privileges within the Twilight app, potentially modifying settings, accessing stored data, or disrupting normal app functionality.

🟢

If Mitigated

Limited impact with proper Android sandboxing and app isolation, though some app-specific data could still be compromised.

🌐 Internet-Facing: LOW - This is a local app vulnerability requiring installation of malicious apps on the same device.
🏢 Internal Only: MEDIUM - Within an organization, if Twilight is deployed on managed devices, malicious apps could exploit this to gain elevated privileges.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires installing a malicious app on the same device. No user interaction needed beyond app installation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v.13.4 or later

Vendor Advisory: https://github.com/LianKee/SO-CVEs/blob/main/CVEs/CVE-2023-29755/CVE%20detailed.md

Restart Required: Yes

Instructions:

1. Open Google Play Store 2. Search for Twilight app 3. Update to latest version (v.13.4+) 4. Restart device after update

🔧 Temporary Workarounds

Uninstall Twilight v.13.3

android

Remove the vulnerable version of Twilight from affected devices

adb uninstall com.urbandroid.lux

Restrict app installations

android

Prevent installation of unauthorized apps on Android devices

adb shell settings put secure install_non_market_apps 0

🧯 If You Can't Patch

  • Isolate Twilight app using Android work profile or containerization
  • Monitor for suspicious app installations and SharedPreference file modifications

🔍 How to Verify

Check if Vulnerable:

Check Twilight app version in Android Settings > Apps > Twilight > App info

Check Version:

adb shell dumpsys package com.urbandroid.lux | grep versionName

Verify Fix Applied:

Verify Twilight version is v.13.4 or later in app settings

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access to SharedPreference files
  • Unexpected permission escalations in Twilight app logs

Network Indicators:

  • Not applicable - local vulnerability

SIEM Query:

source="android" app="Twilight" event="permission_escalation" OR event="shared_preference_modification"

📊 Metadata

CVE ID: CVE-2023-29755
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-922
Published: June 9, 2023
Last Updated: January 6, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-29755, you might also want to check these:

CVE-2025-12539 10.0

The TNC Toolbox: Web Performance WordPress plugin exposes cPanel API credentials in publicly accessi...

Same vulnerability type (CWE-922)
CVE-2023-32191 9.9

CVE-2023-32191 is a privilege escalation vulnerability in Rancher Kubernetes Engine (RKE) where non-...

Same vulnerability type (CWE-922)
CVE-2021-42371 9.8

CVE-2021-42371 is a critical vulnerability in XoruX LPAR2RRD and STOR2RRD monitoring software where ...

Same vulnerability type (CWE-922)