CVE-2021-1015

LOW Year: 2021
CVSS v3 Score
3.3
Low
CVSS v2 Score
2.1
Low
Weakness Type
CWE-203
View all →

Vulnerability Description

In getMeidForSlot of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-186530496

Related Vulnerabilities

CVE-2020-24512

LOW
CVSS:3.3(Low)

Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

CWE-2032020

CVE-2021-0987

LOW
CVSS:3.3(Low)

In getNeighboringCellInfo of PhoneInterfaceManager.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This c...

CWE-2032021

CVE-2021-0988

LOW
CVSS:3.3(Low)

In getLaunchedFromUid and getLaunchedFromPackage of ActivityClientController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel info...

CWE-2032021

CVE-2021-0989

LOW
CVSS:3.3(Low)

In hasManageOngoingCallsPermission of TelecomServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. ...

CWE-2032021

CVE-2021-0990

LOW
CVSS:3.3(Low)

In getDeviceId of PhoneSubInfoController.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead ...

CWE-2032021

CVE-2021-0995

LOW
CVSS:3.3(Low)

In registerSuggestionConnectionStatusListener of WifiServiceImpl.java, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disc...

CWE-2032021