CVE-2019-2200

Name of the Vulnerable Software and Affected Versions Android versions Android-10

Description A permission bypass issue in the PermissionManagerService.java may allow a malicious app to obtain a custom permission from another app, potentially leading to local escalation of privilege. This issue requires user interaction for exploitation and needs User execution privileges.

Recommendations For Android version Android-10, consider restricting the use of custom permissions to minimize the risk of exploitation until a patch is available. As a temporary workaround, review and limit the permissions granted to apps to prevent potential abuse.