6 matches found
CVE-2021-0686
In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information about the default sms app of a different device user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction i...
CVE-2022-20272
In PermissionController, there is a possible misunderstanding about the default SMS application's permission set due to misleading text. This could lead to local information disclosure with User privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...
PT-2022-14496 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13 Description: The issue is related to a possible misunderstanding about the default SMS application's permission set due to misleading text in the PermissionController. This could lead to local information disclosur...
CVE-2021-0686
In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information about the default sms app of a different device user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction i...
CVE-2021-0686
CVE-2021-0686 affects Android 10/11 and involves RoleManagerService.getDefaultSmsPackage. A missing permission check could allow a local attacker to disclose information about the default SMS app for a different device user without user interaction. The vulnerability enables local information dis...
ASB-A-177927831
In getDefaultSmsPackage of RoleManagerService.java, there is a possible way to get information about the default sms app of a different device user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction i...