Vulnerabilities > CVE-2021-25515 - Exposure of Resource to Wrong Sphere vulnerability in Google Android 10.0/11.0/9.0

047910
CVSS 2.1 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
local
low complexity
google
CWE-668
NVD
Published: 2021-12-08
Updated: 2022-08-01

Summary

An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID.

Vulnerable Configurations

Part Description Count
OS
Google
3

Common Weakness Enumeration (CWE)

References