Yousra Aafer

**Name of the Vulnerable Software and Affected Versions** Android versions prior to T(13) **Description** The issue is related to improper handling of insufficient permissions in the setSecureFolderPolicy function within the PersonaManagerService. This allows local attackers to set certain setting values in the Secure folder. **Recommendations** For Android versions prior to T(13), update to Android T(13) or later to resolve the issue.

Name of the Vulnerable Software and Affected Versions: InputManagerService versions prior to SMR Oct-2021 Release 1 Description: The issue is related to improper authentication in the InputManagerService, which allows monitoring of touch events. Recommendations: For versions prior to SMR Oct-2021 Release 1, update to SMR Oct-2021 Release 1 or later to resolve the issue.