Security in ICS and OT digitalization -
comprehensive cyber resilience for Industrial Control Systems
As OT and IT converge, it is time for an all-encompassing approach to securing mission-critical digital assets.
So how do you prevent a cyber-attack on your mission-critical ICS devices when the barriers between OT and IT are blurried by wireless sensor networks or by the use of cloud-based applications at shop level?
Start with the essential controls recommended by NERC CIP or IEC 62443, start with full visibility about connected devices and the changes happening on them.
Many models have been derived to describe the requirements for cyber security in the world of Industrial Operational Technology, the world of cyber-physical systems where an attack has the potential for severe real-life damages (see our infographic 'A History of ICS Cyber Incidents & Attacks'). Common to all is that essential controls are needed at intersections and on assets to detect malicious changes, whether they are made to a system's configuration settings, alter critical data, or drop malicious files. Malicious change as the root cause for almost all cyber incidents needs be detected and controlled to safeguard the availability of assets and the processes they enable. This is exactly what NNT's ChangeTracker Gen7 R2 with its unique feature set for Industrial Control System is designed for.
How to Converge OT and IT Networks and Protect Industry Digitalization
DOWNLOAD NNT’S ICS/OT SOLUTION BRIEF
discover and highlight any dangerous behaviour
Both standards, NERC CIP and IEC 62443, mandate to have the ability to monitor the digital infrastructure to enable the following:
- develop and maintain a baseline configuration of assets
- authorize and document any change to a baseline
- continuously monitor and alert about any malicious change
- apply hardened configuration settings to any new asset added to the infrastructure
Our ICS feature set will not only help you to automate these tasks, and help you to document your security measures for audit purposes. As it is part of the larger functionalities of ChangeTracker Gen7 R2, you are gaining visibility across the domains of Operational Technology and Information Technology. As the demarcation between the two fades away, this is what is needed to stay ahead of the technological changes coming along with the digitalization labeled Industry 4.0 making use of wireless sensor networks, cloud and container applications, or factory virtualization (Digital Twin, Virtual Power Plant).
In an ever-connected, highly automated environment, every assets needs serious care and attention in terms of cyber security and resilience. Secure configuration baselines, change control, and vulnerability management are non-negotiable.
NNT make the entire process of creating a baseline configuration as easy as possible.
NERC CIP requires a baseline to encompass operating systems, firmware, applications, custom software and many more.
Change Tracker's simple Wizard UI walks you through the process so anyone can create their own Baselines within minutes!
In addition, to further simplify that process, there is an unlimited supply of published hardened build standards, such as the Center for Internet Security (CIS) Benchmarks or the DISA Security Technical Information Guides (STIG), ready to be used and amended where needed.
Simple, UX-driven workflows make the maintenance of a configuration baseline straightforward, providing all the flexibility needed to promote changes to the baseline as they are required. It works to keep everything secure in Industrial Control, starting with systems like PLCs, HMIs, Historian and including advanced cloud and container infrastructures.
For example, following routine patching where not just product versions may change, but also the associated open ports and underlying filesystem, registry and configuration settings, you decide if you want to ‘promote changes to the baseline’. You can also assign basic logic to the promoted changes to either replace or extend the Baseline.
A number of security frameworks reference the need for change control, integrity monitoring and an established configuration standard or hardened build standard. You’ll find the need for such a baseline or Gold Build Standard in all compliance frameworks (for example, NIST 800-53 CM-2 and CM-3, CIS Control 5.2, PCI DSS Requirement 2) but especially NERC CIP 007-3 and 010-3 as a means of guaranteeing security.
Without a consistent build how else can you expect security to be maximized?
The NERC CIP 010 process is shown in the diagram and the NNT Baseline Configuration management process allows you to follow this cycle
Advisories
-
Siemens SENTRON 7KM PAC3x20
14 March 2024
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 5.1
- ATTENTION: Low attack complexity
- Vendor: Siemens
- Equipment: SENTRON 7KM PAC3120, SENTRON 7KM PAC3220
- Vulnerability: Improper Access Control
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow attacker to read out the data from the internal flash of affected device.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Siemens SENTRON 7KM PAC3120 and PAC3220, power measuring devices, are affected:
- SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0): Versions V3.2.3 and after but before V3.3.0 only when manufactured between LQN231003... and LQN231215... (with LQNYYMMDD...)
- SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0): Versions V3.2.3 and after but before V3.3.0 only when manufactured between LQN231003... and
LQN231215... (with LQNYYMMDD...) - SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0): Versions V3.2.3 and after but before V3.3.0 only when manufactured between LQN231003... and LQN231215... (with LQNYYMMDD...)
- SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0): Versions V3.2.3 and after but before V3.3.0 only when manufactured between LQN231003... and
LQN231215... (with LQNYYMMDD...)
3.2 Vulnerability Overview
3.2.1 IMPROPER ACCESS CONTROL CWE-284
The read out protection of the internal flash of affected devices was not properly set at the end of the
manufacturing process. An attacker with physical access to the device could read out the data.CVE-2024-21483 has been assigned to this vulnerability. A CVSS v3.1 base score of 4.6 has been calculated; the CVSS vector string is (AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
A CVSS v4 score has been calculated for CVE-2024-21483. A base score of 5.1 has been calculated; the CVSS vector string is (CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N).
3.3 BACKGROUND
- CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
- COUNTRIES/AREAS DEPLOYED: Worldwide
- COMPANY HEADQUARTERS LOCATION: Germany
3.4 RESEARCHER
Siemens reported this vulnerability to CISA.
4. MITIGATIONS
Siemens has identified the following specific workarounds and mitigations users can apply to reduce risk:
- SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0), SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0), SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0), SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0): Restrict physical access to the device to trusted personnel.
- SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0), SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0), SENTRON 7KM PAC3220 AC/DC (7KM3220-0BA01-1DA0), SENTRON 7KM PAC3220 DC (7KM3220-1BA01-1EA0): Update to V3.3.0 or later version.
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals.
Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage.
For more information see the associated Siemens security advisory SSA-792319 in HTML and CSAF.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:
- Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
- Locate control system networks and remote devices behind firewalls and isolating them from business networks.
- When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.
5. UPDATE HISTORY
- March 14, 2024: Initial Publication
-
Siemens SINEMA Remote Connect Client
14 March 2024
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 6.1
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SINEMA Remote Connect Client
- Vulnerability: Insertion of Sensitive Information into Externally-Accessible File or Directory
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow an attacker to access sensitive information.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Siemens SINEMA Remote Connect Client, a remote management platform, are affected:
- SINEMA Remote Connect Client: All versions prior to V3.1 SP1
3.2 Vulnerability Overview
3.2.1 INSERTION OF SENSITIVE INFORMATION INTO EXTERNALLY-ACCESSIBLE FILE OR DIRECTORY CWE-538
The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also available via the web interface of the product.
CVE-2024-22045 has been assigned to this vulnerability. A CVSS v3 base score of 7.6 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N).
A CVSS v4 score has also been calculated for CVE-2024-22045. A base score of 6.1 has been calculated; the CVSS vector string is (CVSS4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N).
3.3 BACKGROUND
- CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing, Commercial Facilities, Energy, Food and Agriculture, Healthcare and Public Health, Transportation Systems, Water and Wastewater Systems
- COUNTRIES/AREAS DEPLOYED: Worldwide
- COMPANY HEADQUARTERS LOCATION: Germany
3.4 RESEARCHER
Siemens reported this vulnerability to CISA.
4. MITIGATIONS
Siemens has released updates for the affected products and recommends to update to the latest versions:
- Update to V3.1 SP1 or later version.
- In order to fully mitigate the issue, administrators are advised to backup and clear the log files and to change the VPN credentials.
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals.
Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage.
For more information see the associated Siemens security advisory SSA-653855 in HTML and CSAF.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
- Do not click web links or open attachments in unsolicited email messages.
- Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
- Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time.
5. UPDATE HISTORY
- March 14, 2024: Initial Publication
-
Siemens SIMATIC
14 March 2024
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC
- Vulnerabilities: Improper Restriction of Operations within the Bounds of a Memory Buffer, Improper Input Validation, Missing Encryption of Sensitive Data, Incorrect Permission Assignment for Critical Resource, Expected Behavior Violation, Improper Authentication, Out-of-bounds Write, Use After Free, Inadequate Encryption Strength, Use of Insufficiently Random Values, Incorrect Authorization, Improper Locking, Improper Restriction of Rendered UI Layers or Frames, Improper Privilege Management, Missing Authorization, Cleartext Storage of Sensitive Information, Improper Check for Unusual or Exceptional Conditions, Improper Certificate Validation, Double Free, Integer Overflow or Wraparound, Out-of-bounds Read, Improper Initialization, Race Condition, Use of Uninitialized Resource, Improper Handling of Exceptional Conditions, Missing Initialization of Resource, Exposure of Resource to Wrong Sphere, Externally Controlled Reference to a Resource in Another Sphere, Injection, Excessive Iteration, Improper Preservation of Permissions, Improper Encoding or Escaping of Output, Incorrect Conversion between Numeric Types, Deserialization of Untrusted Data, Classic Buffer Overflow, Initialization of a Resource with an Insecure Default, Infinite Loop, Integer Underflow
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to execute arbitrary code within the context of a privileged process.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
Siemens reports that the following SIMATIC mobile RFID reader products are affected:
- SIMATIC RF160B (6GT2003-0FA00): versions prior to V2.2
3.2 Vulnerability Overview
3.2.1 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119
An attacker could cause a crash or potentially execute arbitrary code by sending specially crafted DNS responses to the DNSmasq process. In order to exploit this vulnerability, an attacker must be able to trigger DNS requests from the device and must be in a privileged position to inject malicious DNS responses.
CVE-2017-14491 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.2 IMPROPER INPUT VALIDATION CWE-20
An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue can be triggered as root (e.g., inside a default LXC container or with the CAP_NET_ADMIN capability) or after namespace unsharing. This occurs because sk_type and protocol are not checked in the appropriate part of the ip6_mroute_* functions. NOTE: this affects Linux distributions that use 4.9.x longterm kernels before 4.9.187.
CVE-2017-18509 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.3 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-9 Android ID: A-123700107
CVE-2020-0338 has been assigned to this vulnerability. A CVSS v3 base score of 5.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N).
3.2.4 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
In setNiNotification of GpsNetInitiatedHandler.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-154319182
CVE-2020-0417 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.5 EXPECTED BEHAVIOR VIOLATION CWE-440
A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled. This call incorrectly reports it as being 'force disabled' when it is not and opens the system to Spectre v2 attacks. The highest threat from this vulnerability is to confidentiality.
CVE-2020-10768 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.6 IMPROPER AUTHENTICATION CWE-287
Improper authentication of un-encrypted plaintext Wi-Fi frames in an encrypted network can lead to information disclosure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11301 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.7 OUT-OF-BOUNDS WRITE CWE-787
An out-of-bounds memory write flaw was found in how the Linux kernel's Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-14305 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.8 USE AFTER FREE CWE-416
A flaw was found in the Linux kernel's futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-14381 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.9 USE AFTER FREE CWE-416
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
CVE-2020-15436 has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
3.2.10 INADEQUATE ENCRYPTION STRENGTH CWE-326
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
CVE-2020-24587 has been assigned to this vulnerability. A CVSS v3 base score of 2.6 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N).
3.2.11 USE OF INSUFFICIENTLY RANDOM VALUES CWE-330
A flaw in ICMP packets in the Linux kernel was found to allow to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization are indirectly affected as well. Kernel versions before 5.10 may be vulnerable to this issue.
CVE-2020-25705 has been assigned to this vulnerability. A CVSS v3 base score of 7.4 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
3.2.12 INCORRECT AUTHORIZATION CWE-863
Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26555 has been assigned to this vulnerability. A CVSS v3 base score of 5.4 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).
3.2.13 IMPROPER AUTHENTICATION CWE-287
Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
CVE-2020-26558 has been assigned to this vulnerability. A CVSS v3 base score of 4.2 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
3.2.14 IMPROPER LOCKING CWE-667
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
CVE-2020-29660 has been assigned to this vulnerability. A CVSS v3 base score of 4.4 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
3.2.15 IMPROPER LOCKING CWE-667
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2020-29661 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.16 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android-9 Android-10Android ID: A-155287782
CVE-2021-0302 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.17 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-154015447
CVE-2021-0305 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.18 OUT-OF-BOUNDS WRITE CWE-787
In ih264d_parse_pslice of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-174238784
CVE-2021-0325 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.19 OUT-OF-BOUNDS WRITE CWE-787
In p2p_copy_client_info of p2p.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution if the target device is performing a Wi-Fi direct search, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172937525
CVE-2021-0326 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.20 IMPROPER PRIVILEGE MANAGEMENT CWE-269
In getContentProviderImpl of ActivityManagerService.java, there is a possible permission bypass due to non-restored binder identities. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-172935267
CVE-2021-0327 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.21 MISSING AUTHORIZATION CWE-862
In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-172670415
CVE-2021-0328 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.22 OUT-OF-BOUNDS WRITE CWE-787
In several native functions called by AdvertiseManager.java, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege in the Bluetooth server with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-171400004
CVE-2021-0329 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.23 USE AFTER FREE CWE-416
In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in storaged with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-170732441
CVE-2021-0330 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.24 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In onCreate of NotificationAccessConfirmationActivity.java, there is a possible overlay attack due to an insecure default value. This could lead to local escalation of privilege and notification access with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-170731783
CVE-2021-0331 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.2.25 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook permissions dialog when a Bluetooth device is connecting. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-168504491
CVE-2021-0333 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.2.26 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-163358811
CVE-2021-0334 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.27 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-158219161
CVE-2021-0336 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.28 CLEARTEXT STORAGE OF SENSITIVE INFORMATION CWE-312
In moveInMediaStore of FileSystemProvider.java, there is a possible file exposure due to stale metadata. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-157474195
CVE-2021-0337 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.29 IMPROPER CHECK FOR UNUSUAL OR EXCEPTIONAL CONDITIONS CWE-754
In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-8.1, Android-9 Android ID: A-145728687
CVE-2021-0339 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.30 IMPROPER CERTIFICATE VALIDATION CWE-295
In verifyHostName of OkHostnameVerifier.java, there is a possible way to accept a certificate for the wrong domain due to improperly used crypto. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171980069
CVE-2021-0341 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.31 MISSING AUTHORIZATION CWE-862
In various methods of WifiNetworkSuggestionsManager.java, there is a possible modification of suggested networks due to a missing permission check. This could lead to local escalation of privilege by a background user on the same device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174749461
CVE-2021-0390 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.32 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In onCreate() of ChooseTypeAndAccountActivity.java, there is a possible way to learn the existence of an account, without permissions, due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172841550
CVE-2021-0391 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.33 DOUBLE FREE CWE-415
In main of main.cpp, there is a possible memory corruption due to a double free. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-175124730
CVE-2021-0392 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.34 INTEGER OVERFLOW OR WRAPAROUND CWE-190
In Scanner::LiteralBuffer::NewCapacity of scanner.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution if an attacker can supply a malicious PAC file, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-168041375
CVE-2021-0393 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.35 OUT-OF-BOUNDS READ CWE-125
In android_os_Parcel_readString8 of android_os_Parcel.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-172655291
CVE-2021-0394 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.36 OUT-OF-BOUNDS WRITE CWE-787
In Builtins::Generate_ArgumentsAdaptorTrampoline of builtins-arm.cc and related files, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-160610106
CVE-2021-0396 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.37 DOUBLE FREE CWE-415
In sdp_copy_raw_data of sdp_discovery.cc, there is a possible system compromise due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174052148
CVE-2021-0397 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.38 USE AFTER FREE CWE-416
In qtaguid_untag of xt_qtaguid.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-176919394References: Upstream kernel
CVE-2021-0399 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.39 IMPROPER INPUT VALIDATION CWE-20
In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-177561690
CVE-2021-0400 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).
3.2.40 USE AFTER FREE CWE-416
In pollOnce of ALooper.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175074139
CVE-2021-0429 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.41 OUT-OF-BOUNDS READ CWE-125
In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure to a paired device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174149901
CVE-2021-0431 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.42 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In onCreate of DeviceChooserActivity.java, there is a possible way to bypass user consent when pairing a Bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege and pairing malicious devices with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-171221090
CVE-2021-0433 has been assigned to this vulnerability. A CVSS v3 base score of 8.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.43 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In onReceive of BluetoothPermissionRequest.java, a phishing attack is possible allowing a malicious Bluetooth device to acquire permissions based on insufficient information presented to the user in the consent dialog. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-167403112
CVE-2021-0434 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.2.44 IMPROPER INITIALIZATION CWE-665
In avrc_proc_vendor_command of avrc_api.cc, there is a possible leak of heap data due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174150451
CVE-2021-0435 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.45 INTEGER OVERFLOW OR WRAPAROUND CWE-190
In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out-of-bounds read due to integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496160
CVE-2021-0436 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.46 DOUBLE FREE CWE-415
In setPlayPolicy of DrmPlugin.cpp, there is a possible double free. This could lead to local escalation of privilege in a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176168330
CVE-2021-0437 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.47 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In several functions of InputDispatcher.cpp, WindowManagerService.java, and related files, there is a possible tapjacking attack due to an incorrect FLAG_OBSCURED value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10 Android ID: A-152064592
CVE-2021-0438 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.48 CONCURRENT EXECUTION USING SHARED RESOURCE WITH IMPROPER SYNCHRONIZATION ('RACE CONDITION') CWE-362
In several functions of ScreenshotHelper.java and related files, there is a possible incorrectly saved screenshot due to a race condition. This could lead to local information disclosure across user profiles with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-170474245
CVE-2021-0443 has been assigned to this vulnerability. A CVSS v3 base score of 4.7 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.49 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In onActivityResult of QuickContactActivity.java, there is an unnecessary return of an intent. This could lead to local information disclosure of contact data with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-178825358
CVE-2021-0444 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.50 INTEGER OVERFLOW OR WRAPAROUND CWE-190
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444786
CVE-2021-0471 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.51 USE OF UNINITIALIZED RESOURCE CWE-908
In rw_t3t_process_error of rw_t3t.cc, there is a possible double free due to uninitialized data. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179687208
CVE-2021-0473 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.52 OUT-OF-BOUNDS WRITE CWE-787
In avrc_msg_cback of avrc_api.cc, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-177611958
CVE-2021-0474 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.53 CONCURRENT EXECUTION USING SHARED RESOURCE WITH IMPROPER SYNCHRONIZATION ('RACE CONDITION') CWE-362
In FindOrCreatePeer of btif_av.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-169252501
CVE-2021-0476 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.54 IMPROPER HANDLING OF EXCEPTIONAL CONDITIONS CWE-755
In updateDrawable of StatusBarIconView.java, there is a possible permission bypass due to an uncaught exception. This could lead to local escalation of privilege by running foreground services without notifying the user, with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-169255797
CVE-2021-0478 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.55 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In createPendingIntent of SnoozeHelper.java, there is a possible broadcast intent containing a sensitive identifier. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-174493336
CVE-2021-0480 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.56 IMPROPER INPUT VALIDATION CWE-20
In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-172939189
CVE-2021-0481 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.57 MISSING INITIALIZATION OF RESOURCE CWE-909
In readVector of IMediaPlayer.cpp, there is a possible read of uninitialized heap data due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-173720767
CVE-2021-0484 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.58 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In ActivityPicker.java, there is a possible bypass of user interaction in intent resolution due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-181962311
CVE-2021-0506 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.2.59 OUT-OF-BOUNDS WRITE CWE-787
In handle_rc_metamsg_cmd of btif_rc.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181860042
CVE-2021-0507 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.60 USE AFTER FREE CWE-416
In various functions of DrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176444154
CVE-2021-0508 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.61 USE AFTER FREE CWE-416
In various functions of CryptoPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444161
CVE-2021-0509 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.62 INTEGER OVERFLOW OR WRAPAROUND CWE-190
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-176444622
CVE-2021-0510 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.63 IMPROPER INPUT VALIDATION CWE-20
In Dex2oat of dex2oat.cc, there is a possible way to inject bytecode into an app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11 Android ID: A-178055795
CVE-2021-0511 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.64 OUT-OF-BOUNDS WRITE CWE-787
In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-173843328References: Upstream kernel
CVE-2021-0512 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.65 MISSING AUTHORIZATION CWE-862
In deleteNotificationChannel and related functions of NotificationManagerService.java, there is a possible permission bypass due to improper state validation. This could lead to local escalation of privilege via hidden services with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-156090809
CVE-2021-0513 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.66 CONCURRENT EXECUTION USING SHARED RESOURCE WITH IMPROPER SYNCHRONIZATION ('RACE CONDITION') CWE-362
In several functions of the V8 library, there is a possible use after free due to a race condition. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-9, Android-11, Android-8.1 Android ID: A-162604069
CVE-2021-0514 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.67 OUT-OF-BOUNDS WRITE CWE-787
In Factory::CreateStrictFunctionMap of factory.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote code execution in an unprivileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-167389063
CVE-2021-0515 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.68 USE AFTER FREE CWE-416
In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out-of-bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181660448
CVE-2021-0516 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.69 OUT-OF-BOUNDS WRITE CWE-787
In BITSTREAM_FLUSH of ih264e_bitstream.h, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-176533109
CVE-2021-0519 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.70 USE AFTER FREE CWE-416
In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-10 Android ID: A-176237595
CVE-2021-0520 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.71 MISSING AUTHORIZATION CWE-862
In getAllPackages of PackageManagerService, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure of cross-user permissions with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-174661955
CVE-2021-0521 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.72 USE AFTER FREE CWE-416
In ConnectionHandler::SdpCb of connection_handler.cc, there is a possible out-of-bounds read due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-174182139
CVE-2021-0522 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.73 OUT-OF-BOUNDS READ CWE-125
In verifyBufferObject of Parcel.cpp, there is a possible out-of-bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-179289794
CVE-2021-0584 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.74 OUT-OF-BOUNDS WRITE CWE-787
In beginWrite and beginRead of MessageQueueBase.h, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-184963385
CVE-2021-0585 has been assigned to this vulnerability. A CVSS v3 base score of 6.7 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
3.2.75 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In onCreate of DevicePickerFragment.java, there is a possible way to trick the user to select an unwanted bluetooth device due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-182584940
CVE-2021-0586 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.76 USE AFTER FREE CWE-416
In StreamOut::prepareForWriting of StreamOut.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185259758
CVE-2021-0587 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.77 EXPOSURE OF RESOURCE TO WRONG SPHERE CWE-668
In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9 Android ID: A-177238342
CVE-2021-0588 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.78 OUT-OF-BOUNDS WRITE CWE-787
In BTM_TryAllocateSCN of btm_scn.cc, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180939982
CVE-2021-0589 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.79 EXTERNALLY CONTROLLED REFERENCE TO A RESOURCE IN ANOTHER SPHERE CWE-610
In sendReplyIntentToReceiver of BluetoothPermissionActivity.java, there is a possible way to invoke privileged broadcast receivers due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179386960
CVE-2021-0591 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.2.80 EXTERNALLY CONTROLLED REFERENCE TO A RESOURCE IN ANOTHER SPHERE CWE-610
In sendDevicePickedIntent of DevicePickerFragment.java, there is a possible way to invoke a privileged broadcast receiver due to a confused deputy. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179386068
CVE-2021-0593 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
In onCreate of ConfirmConnectActivity, there is a possible remote bypass of user consent due to improper input validation. This could lead to remote (proximal, NFC) escalation of privilege allowing an attacker to deceive a user into allowing a Bluetooth connection with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-176445224
CVE-2021-0594 has been assigned to this vulnerability. A CVSS v3 base score of 8.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.82 OUT-OF-BOUNDS READ CWE-125
In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-181346550
CVE-2021-0596 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.83 MISSING AUTHORIZATION CWE-862
In notifyProfileAdded and notifyProfileRemoved of SipService.java, there is a possible way to retrieve SIP account names due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-176496502
CVE-2021-0597 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.84 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In onCreate of ConfirmConnectActivity.java, there is a possible pairing of untrusted Bluetooth devices due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-180422108
CVE-2021-0598 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).
3.2.85 EXTERNALLY CONTROLLED REFERENCE TO A RESOURCE IN ANOTHER SPHERE CWE-610
In scheduleTimeoutLocked of NotificationRecord.java, there is a possible disclosure of a sensitive identifier via broadcasted intent due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-175614289
CVE-2021-0599 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.86 IMPROPER INPUT VALIDATION CWE-20
In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-179042963
CVE-2021-0600 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.87 DOUBLE FREE CWE-415
In encodeFrames of avc_enc_fuzzer.cpp, there is a possible out-of-bounds write due to a double free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-180643802
CVE-2021-0601 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.88 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In generateFileInfo of BluetoothOppSendFileInfo.java, there is a possible way to share private files over Bluetooth due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-179910660
CVE-2021-0604 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.89 OUT-OF-BOUNDS WRITE CWE-787
In noteAtomLogged of StatsdStats.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-187957589
CVE-2021-0640 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.90 MISSING AUTHORIZATION CWE-862
In getAvailableSubscriptionInfoList of SubscriptionController.java, there is a possible disclosure of unique identifiers due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185235454
CVE-2021-0641 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.91 MISSING AUTHORIZATION CWE-862
In onResume of VoicemailSettingsFragment.java, there is a possible way to retrieve a trackable identifier without permissions due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-185126149
CVE-2021-0642 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.92 OUT-OF-BOUNDS WRITE CWE-787
In sqlite3_str_vappendf of sqlite3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege if the user can also inject a printf into a privileged process's SQL with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-153352319
CVE-2021-0646 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.93 OUT-OF-BOUNDS READ CWE-125
In WT_InterpolateNoLoop of eas_wtengine.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-190286685
CVE-2021-0650 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.94 IMPROPER INPUT VALIDATION CWE-20
In loadLabel of PackageItemInfo.java, there is a possible way to cause a denial of service in a device by having a long label in an app due to incorrect input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-67013844
CVE-2021-0651 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H).
3.2.95 CONCURRENT EXECUTION USING SHARED RESOURCE WITH IMPROPER SYNCHRONIZATION ('RACE CONDITION') CWE-362
In VectorDrawable::VectorDrawable of VectorDrawable.java, there is a possible way to introduce a memory corruption due to sharing objects that are not thread-safe. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.1, Android-9, Android-10, Android-11 Android ID: A-185178568
CVE-2021-0652 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.96 MISSING AUTHORIZATION CWE-862
In enqueueNotification of NetworkPolicyManagerService.java, there is a possible way to retrieve a trackable identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-177931370
CVE-2021-0653 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.97 MISSING AUTHORIZATION CWE-862
In sendAccessibilityEvent of NotificationManagerService.java, there is a possible disclosure of notification data due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-159624555
CVE-2021-0682 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.98 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In runTraceIpcStop of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-8.1, Android-9, Android-10 Android ID: A-185398942
CVE-2021-0683 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.99 USE AFTER FREE CWE-416
In TouchInputMapper::sync of TouchInputMapper.cpp, there is a possible out-of-bounds write due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-179839665
CVE-2021-0684 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.100 EXCESSIVE ITERATION CWE-834
In ellipsize of Layout.java, there is a possible ANR due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-188913943
CVE-2021-0687 has been assigned to this vulnerability. A CVSS v3 base score of 5.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).
3.2.101 CONCURRENT EXECUTION USING SHARED RESOURCE WITH IMPROPER SYNCHRONIZATION ('RACE CONDITION') CWE-362
In lockNow of PhoneWindowManager.java, there is a possible lock screen bypass due to a race condition. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-161149543
CVE-2021-0688 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.102 OUT-OF-BOUNDS READ CWE-125
In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-8.1, Android-9 Android ID: A-190188264
CVE-2021-0689 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.103 OUT-OF-BOUNDS WRITE CWE-787
In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is a possible out-of-bounds write due to heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-182152757
CVE-2021-0690 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.104 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
In sendBroadcastToInstaller of FirstScreenBroadcast.java, there is a possible activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-11, Android-9, Android-10 Android ID: A-179289753
CVE-2021-0692 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.105 USE AFTER FREE CWE-416
In get_sock_stat of xt_qtaguid.c, there is a possible out-of-bounds read due to a use after free. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-184018316References: Upstream kernel
CVE-2021-0695 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.106 IMPROPER PRESERVATION OF PERMISSIONS CWE-281
In createNoCredentialsPermissionNotification and related functions of AccountManagerService.java, there is a possible way to retrieve accounts from the device without permissions due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-179338675
CVE-2021-0704 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.107 MISSING AUTHORIZATION CWE-862
In startListening of PluginManagerImpl.java, there is a possible way to disable arbitrary app components due to a missing permission check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android Versions: Android-10 Android-11Android ID: A-193444889
CVE-2021-0706 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
3.2.108 EXTERNALLY CONTROLLED REFERENCE TO A RESOURCE IN ANOTHER SPHERE CWE-610
In runDumpHeap of ActivityManagerShellCommand.java, deletion of system files is possible due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-183262161
CVE-2021-0708 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.109 CONCURRENT EXECUTION USING SHARED RESOURCE WITH IMPROPER SYNCHRONIZATION ('RACE CONDITION') CWE-362
In RW_SetActivatedTagType of rw_main.cc, memory corruption is possible due to a race condition. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9, Android-10, Android-11, Android-8.1 Android ID: A-192472262
CVE-2021-0870 has been assigned to this vulnerability. A CVSS v3 base score of 8.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.110 INTEGER OVERFLOW OR WRAPAROUND CWE-190
In getService of IServiceManager.cpp, there is a possible unhandled exception due to an integer overflow. This could lead to local denial of service making the lockscreen unusable with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-197336441
CVE-2021-0919 has been assigned to this vulnerability. A CVSS v3 base score of 5.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).
3.2.111 USE AFTER FREE CWE-416
In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196926917References: Upstream kernel
CVE-2021-0920 has been assigned to this vulnerability. A CVSS v3 base score of 6.4 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).
3.2.112 MISSING AUTHORIZATION CWE-862
In onCreate of NfcImportVCardActivity.java, there is a possible way to add a contact without user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-191053931
CVE-2021-0926 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.113 IMPROPER HANDLING OF EXCEPTIONAL CONDITIONS CWE-755
In createFromParcel of OutputConfiguration.java, there is a possible parcel serialization/deserialization mismatch due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-9 Android ID: A-188675581
CVE-2021-0928 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.114 USE AFTER FREE CWE-416
In ion_dma_buf_end_cpu_access and related functions of ion.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-187527909 References: Upstream kernel
CVE-2021-0929 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.115 OUT-OF-BOUNDS WRITE CWE-787
In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-181660091
CVE-2021-0930 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.116 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In getAlias of BluetoothDevice.java, there is a possible way to create misleading permission dialogs due to missing data filtering. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-180747689
CVE-2021-0931 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.117 IMPROPER ENCODING OR ESCAPING OF OUTPUT CWE-116
In onCreate of CompanionDeviceActivity.java or DeviceChooserActivity.java, there is a possible way for HTML tags to interfere with a consent dialog due to improper input validation. This could lead to remote escalation of privilege, confusing the user into accepting pairing of a malicious Bluetooth device, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-172251622
CVE-2021-0933 has been assigned to this vulnerability. A CVSS v3 base score of 8.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.118 MISSING ENCRYPTION OF SENSITIVE DATA CWE-311
In doCropPhoto of PhotoSelectionHandler.java, there is a possible permission bypass due to a confused deputy. This could lead to local information disclosure of user's contacts with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-195748381
CVE-2021-0952 has been assigned to this vulnerability. A CVSS v3 base score of 5.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N).
3.2.119 IMPROPER PRESERVATION OF PERMISSIONS CWE-281
In setOnClickActivityIntent of SearchWidgetProvider.java, there is a possible way to access contacts and history bookmarks without permission due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-184046278
CVE-2021-0953 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.120 MISSING INITIALIZATION OF RESOURCE CWE-909
In quota_proc_write of xt_quota2.c, there is a possible way to read kernel memory due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-196046570References: Upstream kernel
CVE-2021-0961 has been assigned to this vulnerability. A CVSS v3 base score of 4.4 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
3.2.121 IMPROPER RESTRICTION OF RENDERED UI LAYERS OR FRAMES CWE-1021
In onCreate of KeyChainActivity.java, there is a possible way to use an app certificate stored in keychain due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199754277
CVE-2021-0963 has been assigned to this vulnerability. A CVSS v3 base score of 7.1 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N).
3.2.122 INCORRECT CONVERSION BETWEEN NUMERIC TYPES CWE-681
In C2SoftMP3::process() of C2SoftMp3Dec.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-193363621
CVE-2021-0964 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.123 MISSING AUTHORIZATION CWE-862
In AndroidManifest.xml of Settings, there is a possible pairing of a Bluetooth device without user's consent due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194300867
CVE-2021-0965 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.124 OUT-OF-BOUNDS WRITE CWE-787
In vorbis_book_decodev_set of codebook.c, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-199065614
CVE-2021-0967 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.125 INTEGER OVERFLOW OR WRAPAROUND CWE-190
In osi_malloc and osi_calloc of allocator.cc, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197868577
CVE-2021-0968 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.2.126 DESERIALIZATION OF UNTRUSTED DATA CWE-502
In createFromParcel of GpsNavigationMessage.java, there is a possible Parcel serialization/deserialization mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-196970023
CVE-2021-0970 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.127 BUFFER COPY WITHOUT CHECKING SIZE OF INPUT ('CLASSIC BUFFER OVERFLOW') CWE-120
Possible buffer overflow due to improper validation of device types during P2P search in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.
CVE-2021-1972 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.128 USE AFTER FREE CWE-416
A use after free can occur due to improper validation of P2P device address in PD Request frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking.
CVE-2021-1976 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.129 MISSING INITIALIZATION OF RESOURCE CWE-909
An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.
CVE-2021-29647 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.130 INTEGER OVERFLOW OR WRAPAROUND CWE-190
fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an out-of-bounds write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.
CVE-2021-33909 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.131 USE AFTER FREE CWE-416
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.
CVE-2021-38204 has been assigned to this vulnerability. A CVSS v3 base score of 6.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.132 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126319
CVE-2021-39621 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.133 OUT-OF-BOUNDS WRITE CWE-787
In doRead of SimpleDecodingSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194105348
CVE-2021-39623 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.134 EXTERNALLY CONTROLLED REFERENCE TO A RESOURCE IN ANOTHER SPHERE CWE-610
In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-194695497
CVE-2021-39626 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.135 INCORRECT PERMISSION ASSIGNMENT FOR CRITICAL RESOURCE CWE-732
In sendLegacyVoicemailNotification of LegacyModeSmsHandler.java, there is a possible permissions bypass due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-185126549
CVE-2021-39627 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.136 USE AFTER FREE CWE-416
In phTmlNfc_Init and phTmlNfc_CleanUp of phTmlNfc.cc, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-9 Android ID: A-197353344
CVE-2021-39629 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.137 IMPROPER RESTRICTION OF OPERATIONS WITHIN THE BOUNDS OF A MEMORY BUFFER CWE-119
In gre_handle_offloads of ip_gre.c, there is a possible page fault due to an invalid memory access. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-150694665 References: Upstream kernel
CVE-2021-39633 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.138 USE AFTER FREE CWE-416
In fs/eventpoll.c, there is a possible use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-204450605References: Upstream kernel
CVE-2021-39634 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.139 DOUBLE FREE CWE-415
In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bounds write due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-221862119
CVE-2022-20127 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.140 IMPROPER CHECK FOR UNUSUAL OR EXCEPTIONAL CONDITIONS CWE-754
In transportDec_OutOfBandConfig of tpdec_lib.cpp, there is a possible out-of-bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224314979
CVE-2022-20130 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.141 OUT-OF-BOUNDS READ CWE-125
In USB driver, there is a possible out-of-bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-216825460 References: Upstream kernel
CVE-2022-20227 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).
3.2.142 OUT-OF-BOUNDS WRITE CWE-787
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-224536184
CVE-2022-20229 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.143 IMPROPER INPUT VALIDATION CWE-20
In get of PacProxyService.java, there is a possible system service crash due to improper input validation. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-219498290
CVE-2022-20355 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
3.2.144 OUT-OF-BOUNDS WRITE CWE-787
In avdt_msg_asmbl of avdt_msg.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-232023771
CVE-2022-20411 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.145 USE AFTER FREE CWE-416
In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239630375 References: Upstream kernel
CVE-2022-20421 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.146 CONCURRENT EXECUTION USING SHARED RESOURCE WITH IMPROPER SYNCHRONIZATION ('RACE CONDITION') CWE-362
In emulation_proc_handler of armv8_deprecated.c, there is a possible way to corrupt memory due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-237540956 References: Upstream kernel
CVE-2022-20422 has been assigned to this vulnerability. A CVSS v3 base score of 7.0 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.147 INTEGER OVERFLOW OR WRAPAROUND CWE-190
In rndis_set_response of rndis.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious USB device is attached with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-239842288 References: Upstream kernel
CVE-2022-20423 has been assigned to this vulnerability. A CVSS v3 base score of 4.6 has been calculated; the CVSS vector string is (CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.148 OUT-OF-BOUNDS WRITE CWE-787
In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230356196
CVE-2022-20462 has been assigned to this vulnerability. A CVSS v3 base score of 7.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
3.2.149 INITIALIZATION OF A RESOURCE WITH AN INSECURE DEFAULT CWE-1188
In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-179725730
CVE-2022-20466 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N).
3.2.150 OUT-OF-BOUNDS READ CWE-125
In BNEP_ConnectResp of bnep_api.cc, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-228450451
CVE-2022-20468 has been assigned to this vulnerability. A CVSS v3 base score of 6.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.151 OUT-OF-BOUNDS WRITE CWE-787
In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out-of-bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-230867224
CVE-2022-20469 has been assigned to this vulnerability. A CVSS v3 base score of 8.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.152 OUT-OF-BOUNDS READ CWE-125
In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239210579
CVE-2022-20472 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.153 OUT-OF-BOUNDS READ CWE-125
In toLanguageTag of LocaleListCache.cpp, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-239267173
CVE-2022-20473 has been assigned to this vulnerability. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
3.2.154 LOOP WITH UNREACHABLE EXIT CONDITION ('INFINITE LOOP') CWE-835
In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L Android ID: A-240936919
CVE-2022-20476 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
3.2.155 INTEGER UNDERFLOW (WRAP OR WRAPAROUND) CWE-191
In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out-of-bounds reads due to integer overflows. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-242459126
CVE-2022-20483 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).
3.2.156 OUT-OF-BOUNDS READ CWE-125
In fdt_path_offset_namelen of fdt_ro.c, there is a possible out-of-bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246465319
CVE-2022-20498 has been assigned to this vulnerability. A CVSS v3 base score of 4.4 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).
3.2.157 IMPROPER HANDLING OF EXCEPTIONAL CONDITIONS CWE-755
In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10, Android-11, Android-12, Android-12L, Android-13 Android ID: A-246540168
CVE-2022-20500 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been calculated; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
3.3 BACKGROUND
- CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
- COUNTRIES/AREAS DEPLOYED: Worldwide
- COMPANY HEADQUARTERS LOCATION: Germany
3.4 RESEARCHER
Siemens reported these vulnerabilities to CISA.
4. MITIGATIONS
Siemens has released a new version (V2.2) for SIMATIC RF160B and recommends users update to the latest version.
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals.
Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage.
For more information see the associated Siemens security advisory SSA-770721 in HTML and CSAF.
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
- Do not click web links or open attachments in unsolicited email messages.
- Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
- Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time.
5. UPDATE HISTORY
- March 14, 2024: Initial Publication
-
Siemens Siveillance Control
14 March 2024
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
1. EXECUTIVE SUMMARY
- CVSS v4 6.8
- ATTENTION: Low Attack Complexity
- Vendor: Siemens
- Equipment: Siveillance Control
- Vulnerability: Incorrect Authorization
2. RISK EVALUATION
Successful exploitation of this vulnerability could allow a local attacker to gain write privileges for objects where they only have read privileges.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following products of Siemens, are affected:
- Siveillance Control: Versions V2.8 and after until V3.1.1
3.2 Vulnerability Overview
3.2.1 INCORRECT AUTHORIZATION CWE-863
The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only have read privileges.
CVE-2023-45793 has been assigned to this vulnerability. A CVSS v3 base score of 5.5 has been assigned; the CVSS vector string is (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N).
A CVSS v4 score has been calculated for CVE-2023-45793. A base score of 6.8 has been calculated; the CVSS vector string is (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N).
3.3 BACKGROUND
- CRITICAL INFRASTRUCTURE SECTORS: Energy
- COUNTRIES/AREAS DEPLOYED: Worldwide
- COMPANY HEADQUARTERS LOCATION: Germany
3.4 RESEARCHER
Siemens reported this vulnerability to CISA.
4. MITIGATIONS
Siemens has released a new version for Siveillance Control and recommends users update to the latest version:
- Update to V3.1.1 or later version
- Restrict access to the machine where the Siveillance Control frontend is installed
As a general security measure, Siemens recommends protecting network access to devices with appropriate mechanisms. To operate the devices in a protected IT environment, Siemens recommends configuring the environment according to Siemens' operational guidelines for industrial security and following recommendations in the product manuals.
Additional information on industrial security by Siemens can be found on the Siemens industrial security webpage.
For more information see the associated Siemens security advisory SSA-145196 in HTML and CSAF.
CISA recommends users take defensive measures to minimize the risk of exploitation of this vulnerability. CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
No known public exploitation specifically targeting this vulnerability has been reported to CISA at this time. This vulnerability is not exploitable remotely.
5. UPDATE HISTORY
- March 14, 2024: Initial Publication
-
Softing edgeConnector
14 March 2024
1. EXECUTIVE SUMMARY
- CVSS v3 7.2
- ATTENTION: Low attack complexity
- Vendor: Softing
- Equipment: edgeConnector
- Vulnerabilities: Cleartext Transmission of Sensitive Information, Path Traversal
2. RISK EVALUATION
Successful exploitation of these vulnerabilities could create conditions that may allow remote code execution.
3. TECHNICAL DETAILS
3.1 AFFECTED PRODUCTS
The following versions of Softing edgeConnector are affected:
- Softing edgeConnector: Version 3.60
- Softing edgeAggregator: Version 3.60
3.2 Vulnerability Overview
3.2.1 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-22
The affected product is vulnerable to an absolute path traversal vulnerability, which may allow an attacker with admin privileges to write to a file or overwrite a file in the filesystem.
CVE-2023-38126 has been assigned to this vulnerability. A CVSS v3.1 base score of 7.2 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
3.2.2 CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319
The affected product is vulnerable to a cleartext transmission of sensitive information vulnerability, which may allow an attacker to capture packets to craft their own requests.
CVE-2024-0860 has been assigned to this vulnerability. A CVSS v3.1 base score of 8.0 has been calculated; the CVSS vector string is (AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).
3.3 BACKGROUND
- CRITICAL INFRASTRUCTURE SECTORS: Critical Manufacturing
- COUNTRIES/AREAS DEPLOYED: Worldwide
- COMPANY HEADQUARTERS LOCATION: Germany
3.4 RESEARCHER
Pan ZhenPeng (@Peterpan0927) and Li JianTao (@CurseRed) of STAR Labs SG Pte. Ltd. (@starlabs_sg) working with Trend Micro Zero Day Initiative reported these vulnerabilities to CISA. Claroty Team82 working with Trend Micro Zero Day Initiative reported these vulnerabilities to CISA
4. MITIGATIONS
Update Softing edgeConnector and edgeAggregator to v3.70 or greater
CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:
- Minimize network exposure for all control system devices and/or systems, ensuring they are not accessible from the internet.
- Locate control system networks and remote devices behind firewalls and isolating them from business networks.
- When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as the connected devices.
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov/ics. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets.
Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov/ics in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
CISA also recommends users take the following measures to protect themselves from social engineering attacks:
- Do not click web links or open attachments in unsolicited email messages.
- Refer to Recognizing and Avoiding Email Scams for more information on avoiding email scams.
- Refer to Avoiding Social Engineering and Phishing Attacks for more information on social engineering attacks.
No known public exploitation specifically targeting these vulnerabilities has been reported to CISA at this time. These vulnerabilities are not exploitable remotely.
5. UPDATE HISTORY
- March 14, 2024: Initial Publication
CASE STUDY
Learn about NNT Change Tracker for Industrial Control Systems (ICS) and Operational Technology (OT)
Change Tracker Gen 7R2: Complete configuration and system integrity assurance combined with the most comprehensive and intelligent change control solution available.
Fast Cloud: Leverage the world’s largest whitelist repository to automatically evaluate and verify the authenticity of file changes in real-time with NNT FAST™ (File Approved-Safe Technology)
Vulnerability Tracker: The world’s only limitless and unrestricted vulnerability scanning solution with unparalleled accuracy and efficiency, protecting your IT assets on premises, in the cloud and mobile endpoints.
Log Tracker: Comprehensive and easy to use security information & event log management with intelligent & self-learning correlation technology to highlight potentially harmful activity in seconds
Are you ready to get started in securing your IT environment with
industry-approved foundational controls, intelligent change control and automation?