CVE-2021-39692

CVE-2021-39692 describes a local elevation of privilege in Android (10–12) via SetupLayoutActivity.java (tapjacking/overlay) that could bypass user consent to set up a work profile. Exploitation requires user interaction; CVSS indicates high impact (EoP) with local attack vector. Public reference...