CVE-2016-2421

Name of the Vulnerable Software and Affected Versions Android versions 5.1.x through 5.1.1 Android versions 6.x before 2016-04-01

Description The issue is related to the Setup Wizard component in the Android operating system, which has inadequate access control. This allows a local attacker to bypass protection mechanisms and delete data. The estimated number of potentially affected devices worldwide is not specified.

Recommendations For Android versions 5.1.x through 5.1.1, update to version 5.1.1 or later to resolve the issue. For Android versions 6.x before 2016-04-01, update to a version released after 2016-04-01 to resolve the issue. As a temporary workaround, consider restricting access to the Setup Wizard component until a patch is available.