CVE-2019-2103

Name of the Vulnerable Software and Affected Versions Google Assistant in Android version 9

Description The issue concerns a permissions bypass in Google Assistant on Android 9, allowing it to capture screenshots of apps that have the FLAG SECURE flag set. This could result in the disclosure of local information without requiring any additional execution privileges. Notably, user interaction is not necessary for the exploitation of this issue.

Recommendations For Android 9, consider restricting the Google Assistant's access to sensitive apps or data as a temporary mitigation measure until a fix is available.