Lucene search
GoogleOSV:ASB-A-180422108HistorySep 01, 2021 - 12:00 a.m.
Tapjacking vulnerability when pairing Bluetooth devices with NFC
2021-09-0100:00:00
Google
osv.dev
16
0.0004 Low
EPSS
Percentile
5.1%
In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.
| CPE | Name | Operator | Version |
|---|---|---|---|
| platform/packages/apps/nfc | eq | 8.1 | |
| platform/packages/apps/nfc | eq | 9 | |
| platform/packages/apps/nfc | eq | 11 | |
| platform/packages/apps/nfc | eq | 10 |
Related
cnvd
cnvd
Google Android Elevation of Privilege Vulnerability (CNVD-2021-78772)
2021-09-08 00:00:00
prion
prion
Design/Logic Flaw
2021-10-06 15:15:00
cve
cve
CVE-2021-0598
2021-10-06 15:15:14
cvelist
cvelist
CVE-2021-0598
2021-10-06 14:11:16
nvd
nvd
CVE-2021-0598
2021-10-06 15:15:14
ics
ics
Siemens SIMATIC
2024-03-14 12:00:00