exploitDog

CVE-2021-0592

Опубликовано: 14 июл. 2021

Источник: nvd

CVSS3: 8.8

CVSS2: 9.3

EPSS Низкий

Описание

In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-188061006

Ссылки

https://source.android.com/security/bulletin/2021-07-01
Vendor Advisory
https://source.android.com/security/bulletin/2021-07-01
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 65%

0.00502

Низкий

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-m2v6-c542-79gp

github

больше 3 лет назад

In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-188061006

EPSS

Процентиль: 65%

0.00502

Низкий

8.8 High

CVSS3

9.3 Critical

CVSS2

Дефекты

CWE-787