CVE-2021-0397
published 2021-03-10CVE-2021-0397: In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no…
PriorityP259critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
5.67%
92.0th percentile
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | system_bt | >= 10:0 < 10:2021-03-01 | 10:2021-03-01 |
| platform | system_bt | >= 11:0 < 11:2021-03-01 | 11:2021-03-01 |
| platform | system_bt | >= 8.1:0 < 8.1:2021-03-01 | 8.1:2021-03-01 |
| platform | system_bt | >= 9:0 < 9:2021-03-01 | 9:2021-03-01 |
Detection & IOCsextracted from sources · hover to see the quote
- →Vulnerability is in sdp_copy_raw_data() within sdp_discovery.cc — monitor for exploitation attempts targeting the Android Bluetooth SDP stack (double-free leading to RCE) ↗
- →No user interaction is required for exploitation — treat any anomalous Bluetooth SDP traffic to Android 8.1/9/10/11 devices as potentially malicious ↗
- →Patch reference A-174052148 in Android Security Bulletin 2021-03-01; unpatched devices running AOSP 8.1, 9, 10, or 11 are at risk — use patch-level checks to identify exposed assets ↗
- ·Exploitation is zero-click and remote — no privileges or user interaction required, making this suitable for drive-by Bluetooth attacks against unpatched Android devices ↗
- ·The vulnerability affects a broad range of Android versions (8.1 through 11); Samsung issued a patch in its March 2021 security update addressing this critical flaw ↗
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens SIMATIC
cisa_ics·2024-03-14
Siemens SIMATIC
ICS Advisory
##
Siemens SIMATIC
Release DateMarch 14, 2024
Alert CodeICSA-24-074-07
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC
- Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Missing Encryption of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Expected Beha
Android
CVE-2021-0397: Android Security Bulletin 2021-03-01
CVE: CVE-2021-0397
Severity: CRITICAL
Type: RCE
Affected AOSP versions: 8
vendor_android·2021-03-01·CVSS 9.8
CVE-2021-0397 [CRITICAL] CVE-2021-0397: Android Security Bulletin 2021-03-01
CVE: CVE-2021-0397
Severity: CRITICAL
Type: RCE
Affected AOSP versions: 8
Android Security Bulletin 2021-03-01
CVE: CVE-2021-0397
Severity: CRITICAL
Type: RCE
Affected AOSP versions: 8.1, 9, 10, 11
References: A-174052148
GHSA
GHSA-7864-h326-5m8j: In sdp_copy_raw_data of sdp_discovery
ghsa_unreviewed·2022-05-24
CVE-2021-0397 [CRITICAL] CWE-415 GHSA-7864-h326-5m8j: In sdp_copy_raw_data of sdp_discovery
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-174052148
OSV
CVE-2021-0397: In sdp_copy_raw_data of sdp_discovery
osv·2021-03-01
CVE-2021-0397 CVE-2021-0397: In sdp_copy_raw_data of sdp_discovery
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
No detection rules found.
No public exploits indexed.
2021-03-10
Published