Google Android 9.0/10.0/11.0/12.0 LegacyModeSmsHandler.java sendLegacyVoicemailNotification permission

A vulnerability was found in Google Android 9.0/10.0/11.0/12.0 (Smartphone Operating System). It has been classified as critical. This affects the function sendLegacyVoicemailNotification of the file LegacyModeSmsHandler.java. Applying a patch is able to eliminate this problem.

Field01/15/2022 08:09 AM01/19/2022 02:24 PM
vendorGoogleGoogle
nameAndroidAndroid
version9.0/10.0/11.0/12.09.0/10.0/11.0/12.0
fileLegacyModeSmsHandler.javaLegacyModeSmsHandler.java
functionsendLegacyVoicemailNotificationsendLegacyVoicemailNotification
cwe275 (privilege escalation)275 (privilege escalation)
risk22
cvss3_vuldb_avLL
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
identifierA-185126549A-185126549
urlhttps://source.android.com/security/bulletin/2022-01-01https://source.android.com/security/bulletin/2022-01-01
namePatchPatch
cveCVE-2021-39627CVE-2021-39627
cve_assigned16296696001629669600
date1642201200 (01/15/2022)1642201200 (01/15/2022)
typeSmartphone Operating SystemSmartphone Operating System
cvss2_vuldb_avLL
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss2_vuldb_basescore4.34.3
cvss2_vuldb_tempscore3.73.7
cvss3_vuldb_basescore5.35.3
cvss3_vuldb_tempscore5.15.1
cvss3_meta_basescore5.35.3
cvss3_meta_tempscore5.15.1
price_0day$25k-$100k$25k-$100k
price_trend++
cve_nvd_summaryIn sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-185126549

Do you want to use VulDB in your project?

Use the official API to access entries easily!