2 matches found
CVE-2021-0306
In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITYRECOGNITION permission without user confirmation. This could lead to local escalation of privilege with no...
CVE-2021-0306
CVE-2021-0306 describes a vulnerability in Android’s PermissionManagerService.addAllPermissions that enables a local elevation of privilege by bypassing permission checks to obtain the android.permission.ACTIVITY_RECOGNITION without user confirmation. Affected products include Android versions 8....