CVE-2021-0487 — Vulnetix

CVE-2021-0487 PUBLISHED

In getMinimalSize of PipBoundsAlgorithm.java, there is a possible bypass of restrictions on background processes due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302616

EPSS 0.01% · 1.7th percentile

Risk Scores

EPSS Score

0.01%

1.7th percentile

Affected Products

Vendor	Product	Versions
n/a	Android	Android-11

Timeline

May 4, 2021 CVE Published
Jun 12, 2021 EPSS Score
Aug 13, 2021 EPSS Score
Oct 12, 2021 EPSS Score
Dec 12, 2021 EPSS Score
Feb 4, 2022 EPSS Score
Feb 11, 2022 EPSS Score
Apr 1, 2022 EPSS Score
Apr 12, 2022 EPSS Score
Jun 12, 2022 EPSS Score
Aug 13, 2022 EPSS Score
Oct 12, 2022 EPSS Score

References

https://source.android.com/security/bulletin/pixel/2021-05-01 advisory
https://source.android.com/security/bulletin/2021-05-01 advisory

Open in Interactive Console →