CVE-2016-10274Google Android vulnerability

CWE-2643 documents3 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 87.91%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Google AndroidGoogle INC Android
Timeline
PublishedMay 12
Latest updateMay 17

Description

An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-30202412. References: M-ALPS02897901.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDgoogle/android7.1.2
CVEListV5google_inc/androidn/a

Patches

Patch: source.android.comPatch: source.android.com

🔴Vulnerability Details

1
GHSA
GHSA-hfm8-4rxw-8qr3: An elevation of privilege vulnerability in the MediaTek touchscreen driver could enable a local malicious application to execute arbitrary code within2022-05-17

📋Vendor Advisories

1
Android
CVE-2016-10274: Android Security Bulletin 2017-05-01 CVE: CVE-2016-10274 Severity: CRITICAL References: A-30202412* M-ALPS028979012017-05-01