CVE-2021-0462

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to a logic error in the NXP NFC firmware, which could lead to a local escalation of privilege. System execution privileges are needed for exploitation, and user interaction is not required. The vulnerability is associated with insecure management of privileges in the NFC component of the Android operating system, allowing an attacker to elevate their privileges.

Recommendations For Android kernel, apply the necessary security updates to fix the insecure firmware update issue. As a temporary workaround, consider restricting access to the NFC firmware to minimize the risk of exploitation.