VDB
CVE-2021-28663
CVE-2021-28663
PUBLISHED
KEV
In getMinimalSize of PipBoundsAlgorithm.java, there is a possible bypass of restrictions on background processes due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302616
EPSS 3.62% · 88.0th percentile
Risk Scores
EPSS Score
3.62%
88.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Android | Android-11 |
Exploit Intelligence
- A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability) (github-poc)
- A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability) (github-poc)
- A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability) (github-poc)
- A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability) (github-poc)
- A basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability) (github-poc)
- https://github.com/lntrx/CVE-2021-28663 (nist-nvd)
- https://source.android.com/security/bulletin/2021-05-01 (circl)
- Use-after-free in Mali GPU (ARM Android) (gpz)
- Use-after-free in Mali GPU (ARM Android) (gpz)
- Use-after-free in Mali GPU (ARM Android) (gpz)
…and 13 more exploits
Timeline
- May 3, 2021 PoC Published
- May 4, 2021 CVE Published
- May 11, 2021 EPSS Score
- Sep 2, 2021 EPSS Score
- Sep 14, 2021 EPSS Score
- Nov 3, 2021 CISA KEV Added
- Jan 15, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- May 19, 2022 EPSS Score
- Sep 20, 2022 EPSS Score
- Nov 21, 2022 EPSS Score
- Feb 24, 2023 EPSS Score