Описание
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-157929241
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*
EPSS
Процентиль: 1%
0.00012
Низкий
7.3 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-1021
Связанные уязвимости
CVSS3: 7.3
github
больше 3 лет назад
In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-157929241
EPSS
Процентиль: 1%
0.00012
Низкий
7.3 High
CVSS3
6.9 Medium
CVSS2
Дефекты
CWE-1021