CVE-2021-1037Missing Authorization in Google Android

CWE-862Missing AuthorizationCWE-668Resource ExposureCWE-74InjectionCWE-79Cross-site ScriptingCWE-1037Processor Optimization Removal or Modification of Security-critical Code4 documents4 sources
Severity
5.3MEDIUMNVD
EPSS
0.1%
top 80.42%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
LxmlGoogle Android
Timeline
PublishedJan 14
Latest updateMar 8

Description

The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any permission checks, so any app can register to listen for it. This lets apps keep track of what devices are paired without requesting BLUETOOTH permissions.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-162951906

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

CVEListV5google/androidAndroid-10 Android-11 Android-12 Android-9
NVDgoogle/android4 versions+3
PyPIlxml/lxml< 4.6.5

🔴Vulnerability Details

2
GHSA
GHSA-fc93-89fq-8669: The broadcast that DevicePickerFragment sends when a new device is paired doesn't have any permission checks, so any app can register to listen for it2022-01-15
GHSA
lxml's HTML Cleaner allows crafted and SVG embedded scripts to pass through2021-12-13

📋Vendor Advisories

1
Red Hat
hw: cpu: AMD CPUs may transiently execute beyond unconditional direct branch2022-03-08
CVE-2021-1037 — Missing Authorization in Google Android | cvebase