Описание
In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 14.0 (исключая)
cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
EPSS
Процентиль: 1%
0.00011
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-190
Связанные уязвимости
CVSS3: 6.7
github
больше 2 лет назад
In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
EPSS
Процентиль: 1%
0.00011
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-190