VDB

CVE-2021-39625

CVE-2021-39625 PUBLISHED CVSS 6.900000095367432 MEDIUM

In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194695347

EPSS 0.01% · 2.0th percentile

Risk Scores

CVSS 2.0
6.900000095367432
EPSS Score
0.01%
2.0th percentile

Affected Products

VendorProductVersions
n/aAndroid*
googleandroid9.0, 10.0, 12.0

Timeline

  • Jan 5, 2022 CVE Published
  • Jan 15, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Mar 9, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jun 24, 2022 EPSS Score
  • Aug 17, 2022 EPSS Score
  • Oct 9, 2022 EPSS Score
  • Dec 2, 2022 EPSS Score
  • Mar 7, 2023 EPSS Score
  • Mar 18, 2023 EPSS Score
  • May 10, 2023 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›