CVE-2021-1016

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue allows an app to gain access to USB without the user's knowledge due to a tapjacking/overlay attack. This could lead to local escalation of privilege, with the attacker needing to execute the exploit with user privileges. User interaction is required for the exploitation to occur.

Recommendations For Android versions prior to the fixed version, consider restricting access to USB permissions to minimize the risk of exploitation until a patch is available. As a temporary workaround, users should be cautious when granting USB access to apps, ensuring they are aware of the permissions being granted.