CVE-2021-39693

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description A logic error in the code of AppOpsService.java allows for a possible way to access location without a visible indicator. This issue could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android versions prior to the fixed version, consider restricting access to location services until a patch is available. As a temporary workaround, review and restrict applications' permissions to access location data to minimize the risk of exploitation.