CVE-2021-0984

HIGH Year: 2021
CVSS v3 Score
7.8
High
CVSS v2 Score
4.6
Medium
Weakness Type
CWE-404
View all →

Vulnerability Description

In onNullBinding of ManagedServices.java, there is a possible permission bypass due to an incorrectly unbound service. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-192475653

Related Vulnerabilities

CVE-2017-0769

HIGH
CVSS:7.8(High)

A elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-37662122.

CWE-4042017

CVE-2017-11016

HIGH
CVSS:7.8(High)

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when memory allocation fails while creating a calibration block in create_cal_block stal...

CWE-4042017

CVE-2018-6592

HIGH
CVSS:7.8(High)

Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage.

CWE-4042018

CVE-2018-8164

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows ...

CWE-4042018

CVE-2018-8165

HIGH
CVSS:7.8(High)

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability...

CWE-4042018

CVE-2018-8210

HIGH
CVSS:7.8(High)

A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, ...

CWE-4042018