CVE-2019-9281

Name of the Vulnerable Software and Affected Versions Android versions Android-10

Description The issue is related to a possible path traversal in GoogleContactsSyncAdapter due to improper input sanitization. This could lead to a bypass of user interaction requirements with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android version Android-10, consider restricting access to sensitive data until a patch is available. As a temporary workaround, review and restrict any unnecessary permissions related to the GoogleContactsSyncAdapter to minimize the risk of exploitation.