CVE-2019-2173

In startActivityMayWait of ActivityStarter.java, there is a possible incorrect Activity launch due to an incorrect permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9Android ID: A-123013720
References
Link Resource
https://source.android.com/security/bulletin/2019-10-01 Patch Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*

Information

Published : 2019-10-11 19:15

Updated : 2019-10-16 17:18


NVD link : CVE-2019-2173

Mitre link : CVE-2019-2173


JSON object : View

Products Affected

google

  • android
CWE
CWE-276

Incorrect Default Permissions