3.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
0.0004 Low
EPSS
Percentile
5.1%
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a
possible way to access the microphone from the background due to a missing
permission check. This could lead to local escalation of privilege with no
additional execution privileges needed. User interaction is not needed for
exploitation.Product: AndroidVersions: Android-10 Android-11Android ID:
A-229793943