exploitDog

CVE-2021-39764

Опубликовано: 30 мар. 2022

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

In Settings, there is a possible way to display an incorrect app name due to improper input validation. This could lead to local escalation of privilege via app spoofing with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-170642995

Ссылки

https://source.android.com/security/bulletin/android-12l
Vendor Advisory
https://source.android.com/security/bulletin/android-12l
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:12.1:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00056

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-pmm8-gv2p-645q

CVSS3: 7.8

github

почти 4 года назад

In Settings, there is a possible way to display an incorrect app name due to improper input validation. This could lead to local escalation of privilege via app spoofing with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-170642995

EPSS

Процентиль: 18%

0.00056

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-20