2 matches found
CVE-2021-0593
In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product:...
Google Android 安全漏洞
Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Alliance OHA. an elevation of privilege vulnerability exists in Google Android DevicePickerFragment.java. An attacker could exploit this vulnerability to escalate privileges...