CVE-2021-39796

Name of the Vulnerable Software and Affected Versions Android versions Android-10 through Android-12L

Description The issue allows an attacker to trick a victim into installing a harmful app through a tapjacking/overlay attack in the HarmfulAppWarningActivity. This could lead to local escalation of privilege, requiring User execution privileges and user interaction for exploitation.

Recommendations For Android versions Android-10 through Android-12L, consider restricting access to the HarmfulAppWarningActivity until a patch is available. As a temporary workaround, avoid interacting with suspicious app warnings to minimize the risk of exploitation.