VDB
CVE-2021-39625
CVE-2021-39625
PUBLISHED
CVSS 6.900000095367432 MEDIUM
In showCarrierAppInstallationNotification of EuiccNotificationManager.java, there is a possible way to gain an access to MediaProvider content due to an unsafe PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-194695347
EPSS 0.01% · 2.0th percentile
Risk Scores
CVSS 2.0
6.900000095367432
EPSS Score
0.01%
2.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | Android | * |
| android | 9.0, 10.0, 12.0 |
Exploit Intelligence
Timeline
- Jan 5, 2022 CVE Published
- Jan 15, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Mar 9, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Jun 24, 2022 EPSS Score
- Aug 17, 2022 EPSS Score
- Oct 9, 2022 EPSS Score
- Dec 2, 2022 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 18, 2023 EPSS Score
- May 10, 2023 EPSS Score