CVE-2021-39766

Name of the Vulnerable Software and Affected Versions Android versions Android-12L

Description The issue is related to side channel information disclosure in Settings, allowing an attacker to determine whether an app is installed without query permissions. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android version Android-12L, consider restricting access to sensitive information in Settings to minimize the risk of exploitation. As a temporary workaround, review and adjust app installation query permissions to reduce potential information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.