CVE-2021-0649

Name of the Vulnerable Software and Affected Versions Android versions Android-11

Description The issue is related to a permissions bypass in the stopVpnProfile function of Vpn.java, which could lead to a VPN profile reset. This might result in a local escalation of privilege with CONTROL ALWAYS ON VPN, requiring no additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android version Android-11, at the moment, there is no information about a newer version that contains a fix for this vulnerability.