VDB

CVE-2021-39619

CVE-2021-39619 PUBLISHED CVSS 7.199999809265137 HIGH

In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-197399948

EPSS 0.01% · 2.0th percentile

Risk Scores

CVSS 2.0
7.199999809265137
EPSS Score
0.01%
2.0th percentile

Affected Products

VendorProductVersions
googleandroid11.0, 12.0
n/aAndroidAndroid-11 Android-12

Timeline

  • Feb 8, 2022 CVE Published
  • Feb 13, 2022 EPSS Score
  • Feb 16, 2022 EPSS Score
  • Apr 6, 2022 EPSS Score
  • May 29, 2022 EPSS Score
  • Jul 21, 2022 EPSS Score
  • Sep 11, 2022 EPSS Score
  • Nov 2, 2022 EPSS Score
  • Dec 25, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Apr 8, 2023 EPSS Score
  • May 30, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›