CVE-2021-39794

Name of the Vulnerable Software and Affected Versions Android versions Android-11 through Android-12L

Description The issue is related to a missing permission check in the broadcastPortInfo of AdbService.java. This could allow apps to run code as the shell user if wireless debugging is enabled, leading to local escalation of privilege with no additional execution privileges needed. User interaction is required for exploitation.

Recommendations For Android versions Android-11 through Android-12L, consider disabling wireless debugging until a patch is available to prevent potential exploitation. As a temporary workaround, restrict the use of AdbService.java to minimize the risk of escalation of privilege.