CVE-2021-0302
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-155287782
Published at
2021-02-10
340 days ago
Modified
2021-02-10
340 days ago
2021
Year
The year of the turtle
https://source.android.com/security/bulletin/2021-02-01
MISC:https://source.android.com/security/bulletin/2021-02-01
Vulnerability RAW
{
"Title": {
"_text": "CVE-2021-0302"
},
"Notes": {
"Note": [
{
"_text": "In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10Android ID: A-155287782"
},
{
"_text": "2021-02-10"
},
{
"_text": "2021-02-10"
}
]
},
"CVE": {
"_text": "CVE-2021-0302"
},
"References": {
"Reference": {
"URL": {
"_text": "https://source.android.com/security/bulletin/2021-02-01"
},
"Description": {
"_text": "MISC:https://source.android.com/security/bulletin/2021-02-01"
}
}
}
}