CVE-2021-0649

In stopVpnProfile of Vpn.java, there is a possible VPN profile reset due to a permissions bypass. This could lead to local escalation of privilege CONTROLALWAYSONVPN with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

Google Android System Elevation of Privilege Vulnerability (CNVD-2021-101433)

Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA for short. The vulnerability can be exploited to cause local escalation of privileges CONTROLALWAYSONVPN...