CVE-2016-6718 — Sensitive Information Exposure in Google Android
Severity
5.5MEDIUMNVD
EPSS
0.1%
top 83.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedNov 25
Latest updateMay 17
Description
An elevation of privilege vulnerability in the Account Manager Service in Android 7.0 before 2016-11-01 could enable a local malicious application to retrieve sensitive information without user interaction. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission.) Android ID: A-30455516.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6
Affected Packages3 packages
🔴Vulnerability Details
2📋Vendor Advisories
1Android▶
CVE-2016-6718: Android Security Bulletin 2016-11-01
CVE: CVE-2016-6718
Severity: MEDIUM
Affected AOSP versions: 7↗2016-11-01