In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2019-09-01 | Patch Vendor Advisory |
Configurations
Information
Published : 2019-09-05 15:15
Updated : 2020-08-24 10:37
NVD link : CVE-2019-2175
Mitre link : CVE-2019-2175
JSON object : View
CWE
CWE-863
Incorrect Authorization
Products Affected
- android