PT-2016-5718 · Google · Android
Ronald L. Loor Vargas
·
Publicado
2016-09-11
·
Atualizado
2017-08-13
·
CVE-2016-3886
CVSS v2.0
7.2
Alta
| Vetor | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 2016-09-01
Description
The issue allows physically proximate attackers to gain privileges by modifying a setting on the lockscreen, due to the System UI Tuner not preventing tuner changes. This is related to the
systemui/statusbar/phone/QuickStatusBarHeader.java file.Recommendations
For Android versions prior to 2016-09-01, consider restricting access to the System UI Tuner on the lockscreen to minimize the risk of exploitation.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android