Описание
In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to a logic error in the code. This could lead to local escalation of privilege on versions of Android where android.permission.MANAGE_DEFAULT_APPLICATIONS was not defined with no additional execution privileges needed. User interaction is not needed for exploitation.
Уязвимые конфигурации
Одно из
EPSS
4 Medium
CVSS3
Дефекты
Связанные уязвимости
In multiple functions of RoleService.java, there is a possible permission squatting vulnerability due to a logic error in the code. This could lead to local escalation of privilege on versions of Android where android.permission.MANAGE_DEFAULT_APPLICATIONS was not defined with no additional execution privileges needed. User interaction is not needed for exploitation.
EPSS
4 Medium
CVSS3