CVE-2021-0769

High CVSS 7.3

Overview

In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-184676316

CWE: N/A Published: 2021-12-15T19:15:10.680

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 7.3 (HIGH)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags