Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-9jw7-cwvh-qp9c

Опубликовано: 17 мая 2022
Источник: github
Github: Не прошло ревью
CVSS3: 6.1

Описание

The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25229538.

The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25229538.

Ссылки

EPSS

Процентиль: 3%
0.00017
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2016-0812

Связанные уязвимости

ubuntu логотип

CVE-2016-0812

CVSS3: 6.1
ubuntu
около 10 лет назад

The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25229538.

nvd логотип

CVE-2016-0812

CVSS3: 6.1
nvd
около 10 лет назад

The interceptKeyBeforeDispatching function in policy/src/com/android/internal/policy/impl/PhoneWindowManager.java in Setup Wizard in Android 5.1.x before 5.1.1 LMY49G and 6.0 before 2016-02-01 does not properly check for setup completion, which allows physically proximate attackers to bypass the Factory Reset Protection protection mechanism and delete data via unspecified vectors, aka internal bug 25229538.

fstec логотип

BDU:2016-00805

fstec
около 10 лет назад

Уязвимость операционной системы Android, позволяющая нарушителю обойти механизмы защиты и удалить данные

EPSS

Процентиль: 3%
0.00017
Низкий

6.1 Medium

CVSS3

CVE ID

CVE-2016-0812