6 matches found
EUVD-2021-26127
Malware in sbrugna...
CVE-2021-39770
In Framework, there is a possible disclosure of the device owner package due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid...
Phabricator: Deprecated owners.query API bypasses object view policy
The deprecated owners.query API does not check object view policy. A user is able to view some information about an owner package which they do not have permission to see by calling this API. Since the API is deprecated, it could just be removed. Impact An attacker is able to view some informatio...
CVE-2021-39770
In Framework, there is a possible disclosure of the device owner package due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid...
CVE-2021-39770
CVE-2021-39770 affects the Android Framework on Android 12L and is caused by a missing permission check that enables a local information disclosure of the device owner package. The vulnerability allows access to sensitive information without additional execution privileges and does not require us...
CVE-2021-0983
In createAdminSupportIntent of DevicePolicyManagerService.java, there is a possible disclosure of information about installed device/profile owner package name due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges neede...