In miniadb, there is a possible way to get read/write access to recovery system properties due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-201308542
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/android-12l | Vendor Advisory |
Configurations
Information
Published : 2022-03-30 09:15
Updated : 2022-06-04 20:25
NVD link : CVE-2021-39767
Mitre link : CVE-2021-39767
JSON object : View
CWE
CWE-1188
Insecure Default Initialization of Resource
Products Affected
- android