CVE-2017-0395

Name of the Vulnerable Software and Affected Versions Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1

Description The issue is related to insufficient access control in the Contacts component of the Android operating system. It allows a remote attacker to launch an application with the privileges of the current user. This vulnerability can enable a local malicious application to silently create contact information, bypassing user interaction requirements.

Recommendations For Android versions 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1, update to a version that includes the fix for this issue, as specified by the Android security bulletin. At the moment, there is no information about a newer version that contains a fix for this vulnerability.