2 matches found
CVE-2021-0434
In onReceive of BluetoothPermissionRequest.java, there is a possible phishing attack allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional...
PT-2021-13017 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-8.1 through Android-11 Description: The issue is related to a possible permissions bypass due to a mutable PendingIntent in the onReceive of BluetoothPermissionRequest.java. This could lead to local escalation of...