Описание
In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Patch ID: ALPS05442014.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
6.7 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-77
Связанные уязвимости
github
больше 3 лет назад
In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442014.
EPSS
Процентиль: 31%
0.00117
Низкий
6.7 Medium
CVSS3
4.6 Medium
CVSS2
Дефекты
CWE-77