CVE-2021-0602

Name of the Vulnerable Software and Affected Versions: Android versions Android-10 through Android-11

Description: A permissions bypass issue in the onCreateOptionsMenu method of WifiNetworkDetailsFragment.java allows guest users to view and modify Wi-Fi settings for all configured access points. This could lead to local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations: For Android versions Android-10 through Android-11, consider restricting access to the Wi-Fi settings to prevent unauthorized modifications until a patch is available. As a temporary workaround, limit the privileges of guest users to minimize the risk of exploitation.