CVE-2021-0584
CVE information
Published
Last Modified
CVSSv2.0 Severity
CVSSv3.1 Severity
Impact Analysis
Description
In verifyBufferObject of Parcel.cpp, there is a possible out of bounds read due to an improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.1 Android-9 Android-10Android ID: A-179289794.
CVSSv2.0 Score
- Severity
- Low
- Base Score
- 2.1/10
- Exploit Score
- 3.9/10
- Access Vector
- Local
- Access Complexity
- Low
- Authentication Required
- None
- Impact Score
- 2.9/10
- Confidentiality Impact
- Partial
- Availability Impact
- None
- Integrity Impact
- None
CVSSv3.1 Score
- Severity
- Medium
- Base Score
- 5.5/10
- Exploit Score
- 1.8/10
- Access Vector
- Local
- Access Complexity
- Low
- Privileges Required
- Low
- Impact Score
- 3.6/10
- Confidentiality Impact
- High
- Availability Impact
- None
- Integrity Impact
- None
- Scope
- Unchanged
- User Interaction
- None
Products Affected
CPE | Affected | Vulnerable | Excluding | Edit |
---|---|---|---|---|
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:* |
Yes
|
- | - | |
cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:* |
Yes
|
- | - |
Get started for free to scan for vulnerabilites.
Download Mageni. It is free to get started and can be installed in Windows, macOS and Linux.