Lucene search
Google_androidCVELIST:CVE-2021-0315HistoryJan 11, 2021 - 9:48 p.m.
CVE-2021-0315
2021-01-1121:48:00
google_android
www.cve.org
3
tapjacking overlay attack
oncreate
grantcredentialspermissionactivity.java
local privilege escalation
android 8.1
android 9
android 10
android 11
EPSS
0
Percentile
5.1%
In onCreate of GrantCredentialsPermissionActivity.java, there is a possible way to convince the user to grant an app access to an account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-169763814.
CNA Affected
[
{
"product": "Android",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Android-8.1"
},
{
"status": "affected",
"version": "Android-9"
},
{
"status": "affected",
"version": "Android-10"
},
{
"status": "affected",
"version": "Android-11"
},
{
"status": "affected",
"version": "Android-8.0"
}
]
}
]Related
nvd
nvd
CVE-2021-0315
2021-01-11 22:15:13
prion
prion
Design/Logic Flaw
2021-01-11 22:15:00
osv
osv
cve
cve
CVE-2021-0315
2021-01-11 22:15:13
threatpost
threatpost
Google Warns of Critical Android Remote Code Execution Bug
2021-01-05 20:21:40