/tags/permissions/Recent content in Permissions on THALIUMHugoen-usCopyright (c) 2026, all rights reserved.Tue, 20 Jun 2023 00:00:00 +0000/posts/leveraging-android-permissions/Tue, 20 Jun 2023 00:00:00 +0000/posts/leveraging-android-permissions/<p>The Android permission management system has already suffered from several vulnerabilities in the past. Such weaknesses can grant dangerous permissions to a malevolent application, an example being <code>CALL_LOG</code>, which gives access to all incoming and outgoing calls.</p> <p>This post dives into the Android permission system and how a solver was leveraged to find new vulnerabilities. With this approach, a privilege escalation was identified, which was fixed and assigned CVE-2023-20947 by Google.</p>