In WindowManager, there is a possible tapjacking attack due to an incorrect window flag when processing user input. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-157929241
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/2022-06-01 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
24 Jun 2022, 15:55
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:* |
|
References | (MISC) https://source.android.com/security/bulletin/2022-06-01 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : 6.9
v3 : 7.3 |
CWE | CWE-1021 |
15 Jun 2022, 13:44
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-06-15 13:15
Updated : 2024-02-04 22:29
NVD link : CVE-2021-39691
Mitre link : CVE-2021-39691
CVE.ORG link : CVE-2021-39691
JSON object : View
Products Affected
- android
CWE
CWE-1021
Improper Restriction of Rendered UI Layers or Frames