Lucene search

Google_androidCVELIST:CVE-2021-0604

HistoryJul 14, 2021 - 1:45 p.m.

CVE-2021-0604

2021-07-1413:45:42

google_android

www.cve.org

bluetooth transmission

local information disclosure

user interaction

android-9

android-10

android-11

android-8.1

AI Score

5.4

Confidence

High

EPSS

0.001

Percentile

17.9%

JSON

In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-179910660

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android-9 Android-10 Android-11 Android-8.1"
      }
    ]
  }
]

References

source.android.com/security/bulletin/2021-07-01