CVE-2021-0487 in Androidinformazioni

Riassunto

di MITRE • 11/06/2021

In onCreate of CalendarDebugActivity.java, there is a possible way to export calendar data to the sdcard without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174046397

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Prenotare

06/11/2020

Divulgazione

11/06/2021

Moderazione

accettato

CPE

pronto

EPSS

0.00119

KEV

no

Attività

molto basso

Fonti

Want to know what is going to be exploited?

We predict KEV entries!