{"id":"ASB-A-256237041","details":"In the Android operating system, there is a possible way to replace a boot partition due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.","aliases":["A-256237041","CVE-2023-20940"],"modified":"2026-04-30T15:48:46.890647Z","published":"2023-02-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2023-02-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/build/+/ced530443431f078c6a694f12df989feb763f36d"}],"affected":[{"package":{"name":"platform/build","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2023-02-01"}]}],"versions":["13"],"ecosystem_specific":{"severity":"High","types":["EoP"],"fixes":["https://android.googlesource.com/platform/build/+/425f7d1cb3fc5c1adc740db546c5b18227ea3c82"],"spl":"2023-02-01"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-256237041.json"}}],"schema_version":"1.7.5"}