CVE-2017-13287

Name of the Vulnerable Software and Affected Versions: Android versions 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1

Description: The issue is related to improper input validation in the createFromParcel method of VerifyCredentialResponse.java. This could lead to local escalation of privilege if mPayload in writeToParcel were null. No additional execution privileges are needed, and user interaction is not required for exploitation.

Recommendations: For Android versions 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1, update to a version that includes the fix for the issue in VerifyCredentialResponse.java.