CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2021-0306
https://notcve.org/view.php?id=CVE-2021-0306
In addAllPermissions of PermissionManagerService.java, there is a possible permissions bypass when upgrading major Android versions which allows an app to gain the android.permission.ACTIVITY_RECOGNITION permission without user confirmation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11, Android-8.0, Android-8.1, Android-9, Android-10; Android ID: A-154505240. En la función addAllPermissions del archivo PermissionManagerService.java, se presenta una posible omisión de permisos al actualizar las principales versiones de Android, lo que permite que una aplicación obtenga el permiso android.permission.ACTIVITY_RECOGNITION sin la confirmación del usuario. • https://source.android.com/security/bulletin/2021-01-01 • CWE-269: Improper Privilege Management •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2020-27059
https://notcve.org/view.php?id=CVE-2020-27059
In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android; Versions: Android-8.0, Android-8.1, Android-9, Android-10, 11; Android ID: A-159249069. En la función onAuthenticated del archivo AuthenticationClient.java, se presenta un posible ataque de tipo tapjacking al requerir la huella digital del usuario debido a una ventana superpuesta. • https://source.android.com/security/bulletin/pixel/2021-01-01 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •
CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22492
https://notcve.org/view.php?id=CVE-2021-22492
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Broadcom Bluetooth chipsets) software. The Bluetooth UART driver has a buffer overflow. The Samsung ID is SVE-2020-18731 (January 2021). Se detectó un problema en los dispositivos móviles de Samsung con versiones de software O(8.x), P(9.0) y Q(10.0) (chipsets Broadcom Bluetooth). El controlador UART de Bluetooth presenta un desbordamiento del búfer. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 0CVE-2021-22495
https://notcve.org/view.php?id=CVE-2021-22495
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) (Exynos chipsets) software. The Mali GPU driver allows out-of-bounds access and a device reset. The Samsung ID is SVE-2020-19174 (January 2021). Se detectó un problema en los dispositivos móviles de Samsung con versiones de software O(8.x), P(9.0), Q(10.0) y R(11.0) (chipsets Exynos). El controlador GPU de Mali permite un acceso fuera de límites y el reinicio del dispositivo. • https://security.samsungmobile.com/securityUpdate.smsb • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 1CVE-2020-35693
https://notcve.org/view.php?id=CVE-2020-35693
On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offers a connectable BLE advertisement. An example of such an app could be a Bluetooth-based contact tracing app, such as Australia's COVIDSafe app, Singapore's TraceTogether app, or France's TousAntiCovid (formerly StopCovid). As part of the pairing process, two pieces (among others) of personally identifiable information are exchanged: the Identity Address of the Bluetooth adapter of the target device, and its associated Identity Resolving Key (IRK). Either one of these identifiers can be used to perform re-identification of the target device for long term tracking. The list of affected devices includes (but is not limited to): Galaxy Note 5, Galaxy S6 Edge, Galaxy A3, Tab A (2017), J2 Pro (2018), Galaxy Note 4, and Galaxy S5. • https://github.com/alwentiu/contact-tracing-research/blob/main/samsung.pdf •