Vulnerabilities > CVE-2021-25515 - Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/9.0

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
LOW
Integrity impact
NONE
Availability impact
NONE
local
low complexity
google
CWE-668

Summary

An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.

Vulnerable Configurations

Part Description Count
OS
Google
3

Common Weakness Enumeration (CWE)