Lucene search
Google_androidCVELIST:CVE-2021-0309HistoryJan 11, 2021 - 9:47 p.m.
CVE-2021-0309
2021-01-1121:47:03
google_android
www.cve.org
5
insecure deputy
local info disclosure
account access
user interaction
android-8.1
android-9
android-10
android-11
android-8.0
In onCreate of grantCredentialsPermissionActivity, there is a confused deputy. This could lead to local information disclosure and account access with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158480899.
CNA Affected
[
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android-8.1"
},
{
"status": "affected",
"version": "Android-9"
},
{
"status": "affected",
"version": "Android-10"
},
{
"status": "affected",
"version": "Android-11"
},
{
"status": "affected",
"version": "Android-8.0"
}
]
}
]Related
osv
osv
nvd
nvd
CVE-2021-0309
2021-01-11 22:15:13
cve
cve
CVE-2021-0309
2021-01-11 22:15:13
prion
prion
Information disclosure
2021-01-11 22:15:00
threatpost
threatpost
Google Warns of Critical Android Remote Code Execution Bug
2021-01-05 20:21:40