Platform Vendor Unbundled Google Packages Euiccgoogleprebuilt vulnerabilities
2 known vulnerabilities affecting platform/vendor_unbundled_google_packages_euiccgoogleprebuilt.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
UNKNOWN2
Vulnerabilities
Page 1 of 1
CVE-2021-39625UNKNOWN≥ 9:0, < 9:2022-01-01≥ 10:0, < 10:2022-01-01+2 more2022-01-01
CVE-2021-39625 CVE-2021-39625: In showCarrierAppInstallationNotification of EuiccNotificationManager
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
osv
CVE-2021-39618UNKNOWN≥ 9:0, < 9:2022-01-01≥ 10:0, < 10:2022-01-01+2 more2022-01-01
CVE-2021-39618 CVE-2021-39618: In multiple methods of EuiccNotificationManager
In multiple methods of EuiccNotificationManager.java, there is a possible way to install existing packages without user consent due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
osv