Black2Fan

**Name of the Vulnerable Software and Affected Versions** Android versions prior to 2016-11-01 **Description** An elevation of privilege issue in the AOSP Launcher could allow a local malicious application to create shortcuts with elevated privileges without user consent. This is a local bypass of user interaction requirements, providing access to functionality that would normally require user initiation or permission. **Recommendations** For Android versions prior to 2016-11-01, update to a version released after 2016-11-01 to resolve the issue. As a temporary workaround, consider restricting the installation of applications from unknown sources to minimize the risk of exploitation.