CVE-2021-39702
CVE-2021-39702 affects Android 12; in onCreate of RequestManageCredentials.java, a tapjacking/overlay attack could allow a third‑party app to install certificates without user approval, enabling local elevation of privilege with User interaction required . Documented impact: EoP with high confide...