CVE-2021-26277 – Security Advisory | PendingIntent hijacking vulnerability in Framework Services

https://notcve.org/view.php?id=CVE-2021-26277

The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions. • https://www.vivo.com/en/support/security-advisory-detail?id=8 • CWE-94: Improper Control of Generation of Code ('Code Injection') •