exploitDog

CVE-2021-25474

Опубликовано: 06 окт. 2021

Источник: nvd

CVSS3: 4.4

CVSS2: 4.9

EPSS Низкий

Описание

Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

Ссылки

https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10
Vendor Advisory
https://security.samsungmobile.com/securityUpdate.smsb?year=2021&month=10
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 15%

0.00049

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-755

CWE-755

Связанные уязвимости

GHSA-jwg3-j355-w7qw

github

больше 3 лет назад

Assuming a shell privilege is gained, an improper exception handling for multi_sim_bar_show_on_qspanel value in SystemUI prior to SMR Oct-2021 Release 1 allows an attacker to cause a permanent denial of service in user device before factory reset.

EPSS

Процентиль: 15%

0.00049

Низкий

4.4 Medium

CVSS3

4.9 Medium

CVSS2

Дефекты

CWE-755

CWE-755