CVE-2021-33699

3 documents3 sources

Severity

6.5MEDIUM

EPSS

3.9%

top 11.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SAP SE SAP Fiori Client Native Mobile FOR Android SAP Fiori Client

Timeline

PublishedAug 10

Latest updateMay 24

Description

Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user's sensitive information.

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.8 | Impact: 3.6

Affected Packages2 packages

▶CVEListV5sap_se/sap_fiori_client_native_mobile_for_android< 3.2

▶NVDsap/fiori_client3.2

🔴Vulnerability Details

GHSA

GHSA-77c5-mgrx-7m2v: Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest↗2022-05-24

▶

CVEList

CVE-2021-33699: Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest↗2021-08-10

▶