2 matches found
CVE-2021-0333
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User...
CVE-2021-0333
CVE-2021-0333 affects Android BluetoothPermissionActivity.java, where a tapjacking overlay during device pairing can bypass the phonebook permissions dialog. This enables local privilege escalation with user interaction required, across Android 8.1–11. The issue is documented in multiple sources ...