Login Sign Up

CVE-2023-35670

7.8 HIGH
Path Traversal

📋 TL;DR

This vulnerability allows local attackers to write files to other apps' private directories on Android devices through a path traversal flaw in MediaProvider's FileUtils.java. It enables local privilege escalation without requiring user interaction or additional permissions. All Android devices running vulnerable versions are affected.

💻 Affected Systems

Products:
  • Android
Versions: Android 11, 12, 12L, 13, 14 (before September 2023 security patch)
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all Android devices with MediaProvider component. Requires local access to device.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise where an attacker gains full system access, can read/modify any app's private data, install persistent malware, or disable security controls.

🟠

Likely Case

Data theft from other applications, injection of malicious content into trusted apps, or privilege escalation to perform unauthorized actions.

🟢

If Mitigated

Limited impact with proper app sandboxing and SELinux policies preventing full system compromise, though data leakage between apps may still occur.

🌐 Internet-Facing: LOW
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires local access to device but no user interaction. Path traversal vulnerability is straightforward to exploit once identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: September 2023 Android Security Bulletin or later

Vendor Advisory: https://source.android.com/security/bulletin/2023-09-01

Restart Required: Yes

Instructions:

1. Apply September 2023 Android Security Patch
2. Update device through Settings > System > System Update
3. Reboot device after update completes

🔧 Temporary Workarounds

Disable unnecessary apps

android

Reduce attack surface by disabling unused applications that could be targeted

Restrict app installations

android

Only allow app installations from trusted sources like Google Play Store

🧯 If You Can't Patch

  • Implement strict app isolation policies and monitor for unusual file access patterns
  • Use mobile device management (MDM) solutions to restrict app permissions and monitor for suspicious behavior

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About Phone > Android Version. If before September 2023, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows 'September 5, 2023' or later in Settings > About Phone > Android Version.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file write operations to other apps' private directories in system logs
  • MediaProvider process accessing unexpected file paths

Network Indicators:

  • Not applicable - local vulnerability only

SIEM Query:

Not applicable for typical Android deployments

📊 Metadata

CVE ID: CVE-2023-35670
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-22
Published: September 11, 2023
Last Updated: May 2, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-35670, you might also want to check these:

CVE-2024-43955 10.0

CVE-2024-43955 is an unauthenticated path traversal vulnerability in the Droip WordPress plugin that...

Same vulnerability type (CWE-22)
CVE-2025-54261 10.0

This critical path traversal vulnerability in Adobe ColdFusion allows attackers to escape restricted...

Same vulnerability type (CWE-22)
CVE-2024-40628 10.0

This critical vulnerability in JumpServer allows attackers to read arbitrary files from the Celery c...

Same vulnerability type (CWE-22)