CVE-2021-39738

Name of the Vulnerable Software and Affected Versions Android versions Android-10 through Android-12L

Description The issue allows pairing of a Bluetooth (BT) device without the user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android versions Android-10 through Android-12L, apply the fix provided in Android ID: A-216190509 to address the missing permission check and prevent unauthorized Bluetooth device pairing.