Описание
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-182282630
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*
EPSS
Процентиль: 3%
0.00015
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-1021
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-182282630
EPSS
Процентиль: 3%
0.00015
Низкий
7.8 High
CVSS3
4.4 Medium
CVSS2
Дефекты
CWE-1021