Vulnerabilities > CVE-2021-25409 - Missing Authorization vulnerability in Google Android 10.0

047910
CVSS 2.4 - LOW
Attack vector
PHYSICAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
low complexity
google
CWE-862

Summary

Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device.

Vulnerable Configurations

Part Description Count
OS
Google
1

Common Weakness Enumeration (CWE)