CVE-2021-0734 - In Settings, there is a possible way to determine whether an app is installed without query permissi

CVE-2021-0734

Summary

In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permissions, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-189122911

References

https://source.android.com/security/bulletin/android-13

Vulnerable Configurations

cpe:2.3:o:google:android:13.0.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:13.0.0:*:*:*:*:*:*:*

CVSS

Base:	None
Impact:
Exploitability:

CWE

CWE-668

CAPEC

Access

Vector	Complexity	Authentication

Impact

Confidentiality	Integrity	Availability

Last major update

13-08-2022 - 02:13

Published

11-08-2022 - 15:15

Last modified

13-08-2022 - 02:13