Lucene search

Google_androidCVELIST:CVE-2021-0444

HistoryApr 13, 2021 - 6:26 p.m.

CVE-2021-0444

2021-04-1318:26:18

google_android

www.cve.org

android

quickcontactactivity

local information disclosure

user interaction

cve-2021-0444

android-11

android-8.1

android-9

android-10

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

17.9%

JSON

In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-178825358

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android-11 Android-8.1 Android-9 Android-10"
      }
    ]
  }
]

References

source.android.com/security/bulletin/2021-04-01