CVE-2017-13289

Name of the Vulnerable Software and Affected Versions: Android versions 6.0 through 8.1

Description: A permission bypass issue exists due to a write size mismatch in the writeToParcel and createFromParcel methods of RttManager.java. This could lead to a local escalation of privileges, allowing a user to start an activity with system privileges without needing additional execution privileges. User interaction is not required for exploitation.

Recommendations: For Android versions 6.0 through 8.1, update to a version that contains a fix for this issue to prevent local escalation of privileges.