Описание
In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00013
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-863
Связанные уязвимости
github
больше 3 лет назад
In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
EPSS
Процентиль: 2%
0.00013
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-863