PT-2022-11071 · Google · Android
Published
2022-04-20
·
Updated
2022-06-07
·
CVE-2021-39795
None
No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions
Android versions Android-11 through Android-12L
Description
The issue allows for potential read/write access to other apps' dedicated directories within external storage due to a missing permission check in MediaProvider.java. This could lead to local escalation of privilege, requiring User execution privileges. No user interaction is needed for exploitation.
Recommendations
For Android versions Android-11 through Android-12L, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Android