CVE-2019-2043

Name of the Vulnerable Software and Affected Versions Android versions 7.0 through 9

Description The issue is related to a possible escalation of privilege due to an overlay attack in the SmsDefaultDialog.java file. This could lead to local escalation of privilege, granting privileges to a local app without the user's informed consent, with no additional privileges needed. User interaction is necessary for exploitation.

Recommendations For Android versions 7.0 through 9, as a temporary workaround, consider restricting the use of the SmsDefaultDialog until a patch is available.