CVE-2021-39617

Опубликовано: 13 дек. 2022

Источник: nvd

Описание

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

Связанные уязвимости

GHSA-jvp9-5xr3-p4jg

CVSS3: 7.8

github

около 3 лет назад

In the user interface buttons of PermissionController, there is a possible way to bypass permissions dialogs due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12LAndroid ID: A-175190844