Wiz
Vulnerability DatabaseCVE-2023-20919

CVE-2023-20919
NixOS vulnerability analysis and mitigation

Overview

CVE-2023-20919 is a vulnerability discovered in Android's Settings.java component, specifically in the getStringsForPrefix function. The vulnerability allows potential prevention of package uninstallation due to a logic error in the code. This security flaw affects Android version 13 (CVE List).

Technical details

The vulnerability exists in the getStringsForPrefix function of Settings.java component. It stems from a logic error in the code implementation that could prevent package uninstallation. The vulnerability has been classified as a local privilege escalation issue that requires no additional execution privileges for exploitation (CVE List).

Impact

If exploited, this vulnerability could lead to local escalation of privilege on affected Android devices. The impact is significant as it could prevent the uninstallation of packages, potentially leaving malicious applications installed on the device (CVE List).

Mitigation and workarounds

The vulnerability affects Android 13 devices. Users should ensure their devices are updated with the latest security patches provided by Google through their regular Android security updates (CVE List).

Additional resources

SourceThis report was generated using AI

Related NixOS vulnerabilities:

CVE ID

Severity

Score

Technologies

Component name

CISA KEV exploit

Has fix

Published date

CVE-2025-61619HIGH7.5
  • NixOSNixOS
  • android
NoNoDec 01, 2025
CVE-2025-61618HIGH7.5
  • NixOSNixOS
  • android
NoNoDec 01, 2025
CVE-2025-61617HIGH7.5
  • NixOSNixOS
  • android
NoNoDec 01, 2025
CVE-2025-61610HIGH7.5
  • NixOSNixOS
  • android
NoNoDec 01, 2025
CVE-2025-61609HIGH7.5
  • NixOSNixOS
  • android
NoNoDec 01, 2025

Free Vulnerability Assessment

Benchmark your Cloud Security Posture

Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.

Request assessment

Additional Wiz resources

Cloud Vulnerability DB

Cloud Vulnerability DB

A community-led vulnerabilities database

Cloud Threat Landscape

Cloud Threat Landscape

A threat intelligence database

PEACH

PEACH

A tenant isolation framework

Get a personalized demo

Ready to see Wiz in action?

"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management
Get a demo