CVE-2016-0813

Name of the Vulnerable Software and Affected Versions Android versions 5.1.x through 5.1.0 Android versions 6.x before 2016-02-01

Description The issue is related to a flaw in the AlternateRecentsComponent.java function within the Setup Wizard component of the Android operating system. This flaw allows physically proximate attackers to bypass the Factory Reset Protection mechanism, potentially leading to data deletion. The vulnerability is associated with inadequate access control.

Recommendations For Android versions 5.1.x through 5.1.0, update to version 5.1.1 LMY49G or later. For Android versions 6.x before 2016-02-01, ensure that updates after 2016-02-01 are applied to mitigate the issue. As a temporary workaround, consider restricting access to the AlternateRecentsComponent.java function until a patch is available.