Design/Logic Flaw

In WindowManager, there is a possible way to start a foreground activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

CVE-2021-39758

Summary of CVE-2021-39758 : In Android 12L, WindowManager could start a foreground activity from the background due to a missing permission check, enabling local elevation of privilege without user interaction. The Android bulletin classifies this issue under Framework/EoP with a moderate severit...

CVE-2021-39758

In WindowManager, there is a possible way to start a foreground activity from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions...

CVE-2021-39749

In WindowManager, there is a possible way to start non-exported and protected activities due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

CVE-2021-39749

CVE-2021-39749 affects Android 12L WindowManager; it allows starting non-exported/protected activities due to a missing permission check, enabling local privilege escalation with no additional privileges and no user interaction. A PoC demonstrates cross-app activity startup via TaskFragment/Choos...

Google Android 安全漏洞

Google Android is a Linux-based open-source operating system from the U.S. Google Android has an elevation of privilege vulnerability that stems from a lack of privilege checks in WindowManager, which could be exploited by attackers to gain elevated privileges...

Google Android WindowManager Privilege Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A privilege escalation vulnerability exists in the Android-11 version of WindowManager, which stems from launching a malicious application and allows an attacker to escalate privileges locally...

CVE-2020-0267

In WindowManager, there is a possible launch of an unexpected app due to a confused deputy. This could lead to local escalation of privilege due to launching a malicious app instead of the one the user intended, with no additional execution privileges needed. User interaction is needed for...

Design/Logic Flaw

In WindowManager, there is a possible launch of an unexpected app due to a confused deputy. This could lead to local escalation of privilege due to launching a malicious app instead of the one the user intended, with no additional execution privileges needed. User interaction is needed for...

CVE-2020-0267

In WindowManager, there is a possible launch of an unexpected app due to a confused deputy. This could lead to local escalation of privilege due to launching a malicious app instead of the one the user intended, with no additional execution privileges needed. User interaction is needed for...

CVE-2020-0267

CVE-2020-0267 affects Android 11 WindowManager. The issue allows a local attacker to trigger the launch of a malicious app due to a confused deputy, causing elevation of privilege without extra execution privileges, with user interaction required for exploitation. Affected component is WindowMana...

CVE-2017-0752

A elevation of privilege vulnerability in the Android framework windowmanager. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835...

CVE-2017-0752

A elevation of privilege vulnerability in the Android framework windowmanager. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835...

CVE-2017-0752

A elevation of privilege vulnerability in the Android framework windowmanager. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835...

CVE-2017-0752

CVE-2017-0752 is an elevation-of-privilege issue in the Android framework (windowmanager) affecting Android 4.4.4 through 7.1.2. Root cause: privilege escalation via windowmanager overlay/toast-style interaction (no exploit details provided in the sources). Impact is described as high (confidenti...

CVE-2017-0752

A elevation of privilege vulnerability in the Android framework windowmanager. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-62196835...

Google Android Framework elevation of privilege vulnerability (CNVD-2017-31650)

Android is the United States Google Google and the Open Handheld Alliance referred to as OHA jointly developed a set of Linux-based open source operating system. framework windowmanager is one of the window management framework. Frameworkwindowmanager in Android is vulnerable to a power lifting...