You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-179042963
✔️ This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-bolt-for-githubbot
changed the title
CVE-2021-0600 (High) detected in Settingsandroid-10.0.0_r33
CVE-2021-0600 (High) detected in Settingsandroid-10.0.0_r33 - autoclosed
Dec 22, 2022
mend-bolt-for-githubbot
changed the title
CVE-2021-0600 (High) detected in Settingsandroid-10.0.0_r33 - autoclosed
CVE-2021-0600 (High) detected in Settingsandroid-10.0.0_r33
Dec 25, 2022
CVE-2021-0600 - High Severity Vulnerability
Vulnerable Library - Settingsandroid-10.0.0_r33
Library home page: https://android.googlesource.com/platform/packages/apps/Settings
Found in HEAD commit: a0c3d8e6f964ef5cae986fce3953cfd6e57439f8
Found in base branch: master
Vulnerable Source Files (1)
/src/com/android/settings/applications/specialaccess/deviceadmin/DeviceAdminAdd.java
Vulnerability Details
In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-179042963
Publish Date: 2021-07-14
URL: CVE-2021-0600
CVSS 3 Score Details (7.8)
Base Score Metrics:
Suggested Fix
Type: Upgrade version
Origin: https://source.android.com/security/bulletin/2021-07-01
Release Date: 2020-11-07
Fix Resolution: android-11.0.0_r39
Step up your Open Source Security Game with Mend here
The text was updated successfully, but these errors were encountered: