exploitDog

CVE-2021-0702

Опубликовано: 22 окт. 2021

Источник: nvd

CVSS3: 5.5

CVSS2: 1.9

EPSS Низкий

Описание

In RevertActiveSessions of apexd.cpp, there is a possible way to share the wrong file due to an unintentional MediaStore downgrade. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-193932765

Ссылки

https://source.android.com/security/bulletin/2021-10-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/2021-10-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 4%

0.00018

Низкий

5.5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-j56c-hr82-x9gc

github

больше 3 лет назад

In RevertActiveSessions of apexd.cpp, there is a possible way to share the wrong file due to an unintentional MediaStore downgrade. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-193932765

EPSS

Процентиль: 4%

0.00018

Низкий

5.5 Medium

CVSS3

1.9 Low

CVSS2

Дефекты

NVD-CWE-noinfo