Lucene search

GoogleOSV:ASB-A-228314987

HistoryAug 01, 2022 - 12:00 a.m.

Bypass fix of CVE-2021-39807 : Disable secure nfc in guest user via SettingsSlice

2022-08-0100:00:00

Google

osv.dev

cve-2021-39807

secure nfc

guest user

privilege escalation

settingsslice

missing permission check

local exploitation

software

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.

References

android.googlesource.com/platform/packages/apps/Settings/+/2290b0af8cb4b640709fa904f73ce3e69208f872

android.googlesource.com/platform/packages/apps/Settings/+/645407c8e603337aee6882fc49c44f49bc5707a6

source.android.com/security/bulletin/2022-08-01

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for OSV:ASB-A-228314987