CVE-2021-0331
published 2021-02-10CVE-2021-0331: In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local…
high7.3CVSS 3.1
AVLACLPRLUIRSUCHIHAH
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-170731783
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | packages_apps_settings | >= 10:0 < 10:2021-02-01 | 10:2021-02-01 |
| platform | packages_apps_settings | >= 11:0 < 11:2021-02-01 | 11:2021-02-01 |
| platform | packages_apps_settings | >= 8.0:0 < 8.0:2021-02-01 | 8.0:2021-02-01 |
| platform | packages_apps_settings | >= 8.1:0 < 8.1:2021-02-01 | 8.1:2021-02-01 |
| platform | packages_apps_settings | >= 9:0 < 9:2021-02-01 | 9:2021-02-01 |