exploitDog

CVE-2021-0639

Опубликовано: 17 авг. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-190724551

Ссылки

https://source.android.com/security/bulletin/2021-08-01
Vendor Advisory
https://source.android.com/security/bulletin/2021-08-01
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00015

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-922

Связанные уязвимости

GHSA-45mp-7qc4-gj8v

github

больше 3 лет назад

In multiple functions of libl3oemcrypto.cpp, there is a possible weakness in the existing obfuscation mechanism due to the way sensitive data is handled. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-190724551

EPSS

Процентиль: 2%

0.00015

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-922