CVE-2021-0954

Name of the Vulnerable Software and Affected Versions Android versions Android-10 through Android-11

Description In ResolverActivity, there is a possible user interaction bypass due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

Recommendations For Android versions Android-10 through Android-11, consider implementing additional security measures to prevent tapjacking/overlay attacks, such as restricting access to sensitive features or implementing stricter input validation. As a temporary workaround, consider disabling or restricting the use of ResolverActivity until a patch is available. Restrict access to ResolverActivity to minimize the risk of exploitation.