CVE-2021-0309

Description

In onCreate of grantCredentialsPermissionActivity, there is a confused deputy. This could lead to local information disclosure and account access with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.1, Android-9, Android-10, Android-11, Android-8.0; Android ID: A-158480899.

POC

Reference

No PoCs from references.

Github

https://github.com/TinyNiko/android_bulletin_notes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CVE-2021-0309.md

CVE-2021-0309.md

CVE-2021-0309

Description

POC

Reference

Github

Files

CVE-2021-0309.md

Latest commit

History

CVE-2021-0309.md

File metadata and controls

CVE-2021-0309

Description

POC

Reference

Github