Vulnerabilities > CVE-2021-0973 - Improper Handling of Case Sensitivity vulnerability in Google Android 12.0

047910
CVSS 1.9 - LOW
Attack vector
LOCAL
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE

Summary

In isFileUri of UriUtil.java, there is a possible way to bypass ignoring file://URI attachment due to improper handling of case sensitivity. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-197328178

Vulnerable Configurations

Part Description Count
OS
Google
1

Common Weakness Enumeration (CWE)