{"vulnerability": "CVE-2021-39675", "sightings": [{"uuid": "c856ddfe-0a88-41ee-8e46-927360b1d0c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39675", "type": "published-proof-of-concept", "source": "https://t.me/cKure/8747", "content": "CVE-2021-39675, is present in the mobile OS's System component, and can be abused to achieve remote escalation of privilege without the user needing to do anything at all, and \"with no additional execution privileges needed,\" as Google puts it. \n\nhttps://source.android.com/security/bulletin/2022-02-01\n\nChange management: https://android.googlesource.com/platform/system/nfc/+/fef77a189022aa7ac53136e582a1444b1d2ef5f0%5E%21/#F0\n\nReference: https://www.theregister.com/2022/02/09/android_security_bulletin/", "creation_timestamp": "2022-02-09T17:42:07.000000Z"}, {"uuid": "1c550d20-edbd-492d-b8af-0698c91f1a79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39675", "type": "published-proof-of-concept", "source": "https://t.me/ckuRED/90", "content": "CVE-2021-39675, is present in the mobile OS's System component, and can be abused to achieve remote escalation of privilege without the user needing to do anything at all, and \"with no additional execution privileges needed,\" as Google puts it. \n\nhttps://source.android.com/security/bulletin/2022-02-01\n\nChange management: https://android.googlesource.com/platform/system/nfc/+/fef77a189022aa7ac53136e582a1444b1d2ef5f0%5E%21/#F0\n\nReference: https://www.theregister.com/2022/02/09/android_security_bulletin/", "creation_timestamp": "2022-02-09T17:42:02.000000Z"}, {"uuid": "ad3e8758-327c-4a91-987f-3985899708d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39675", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4555", "content": "\u0424\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u0438\u0439 \u043f\u0430\u0442\u0447 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f Android, \u043f\u043e\u043c\u0438\u043c\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 CVE-2021-39675 \u2014\u00a0\u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u044d\u0441\u043a\u0430\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0431\u0435\u0437 \u043a\u0430\u043a\u043e\u0433\u043e-\u043b\u0438\u0431\u043e \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0441\u0442\u0435\u0441\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442 Google \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u043e\u0441\u0442\u0435:\n\nhttps://source.android.com/security/bulletin/2022-02-01\n\n\u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u043c\u0430\u043b\u043e, \u043f\u043e\u0442\u043e\u043c\u0443 \u0447\u0442\u043e, \u0432\u0438\u0434\u0438\u043c\u043e, \u043d\u0443\u0436\u043d\u043e \u0434\u0430\u0442\u044c \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f\u043c \u0432\u044b\u043a\u0430\u0442\u0438\u0442\u044c \u0430\u043f\u0434\u0435\u0439\u0442 \u0434\u043b\u044f \u0441\u0432\u043e\u0438\u0445 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u043e\u0432. \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e, \u0447\u0442\u043e \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u0434\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0440\u0430\u0431\u043e\u0442\u0443 NFC, \u0442\u0430\u043a \u0447\u0442\u043e, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0433\u0434\u0435-\u0442\u043e \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u0442\u0435. \nhttps://android.googlesource.com/platform/system/nfc/+/fef77a189022aa7ac53136e582a1444b1d2ef5f0%5E%21/#F0\n\n\u041a\u0441\u0442\u0430\u0442\u0438, \u0435\u0441\u043b\u0438 \u0443 \u0432\u0430\u0441 Pixel 3/3XL, \u0442\u043e \u044d\u0442\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0439 \u0430\u043f\u0434\u0435\u0439\u0442, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u044d\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.", "creation_timestamp": "2022-02-09T15:15:00.000000Z"}, {"uuid": "983e68ad-1705-4a02-b5dc-3d54a2f88f14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39675", "type": "seen", "source": "https://t.me/cyberbannews_ir/5070", "content": "\ud83d\uded1\u0627\u0635\u0644\u0627\u062d \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc \u062f\u0631 \u0627\u0646\u062f\u0631\u0648\u06cc\u062f 12\n\n\u06af\u0648\u06af\u0644 \u0628\u0627 \u0627\u0646\u062a\u0634\u0627\u0631 \u0622\u067e\u062f\u06cc\u062a \u0627\u0645\u0646\u06cc\u062a\u06cc \u0641\u0648\u0631\u06cc\u0647 2022 \u0627\u0646\u062f\u0631\u0648\u06cc\u062f\u060c \u062f\u0648 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc \u0631\u0627 \u0627\u0635\u0644\u0627\u062d \u06a9\u0631\u062f. \u06cc\u06a9\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627 \u0627\u0632 \u0646\u0648\u0639 \u0627\u0631\u062a\u0642\u0627\u0621 \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0633\u062a \u06a9\u0647 \u0628\u0647 \u062f\u062e\u0627\u0644\u062a \u06a9\u0627\u0631\u0628\u0631 \u0646\u06cc\u0627\u0632 \u0646\u062f\u0627\u0631\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062c\u062f\u06cc (CVE-2021-39675) \u062a\u0646\u0647\u0627\u060c \u0627\u0646\u062f\u0631\u0648\u06cc\u062f 12 \u0631\u0627 \u062a\u062d\u062a \u0627\u0644\u0634\u0639\u0627\u0639 \u0642\u0631\u0627\u0631 \u0645\u06cc \u062f\u0647\u062f. \n\n#\u0627\u0646\u062f\u0631\u0648\u06cc\u062f\n\n\u2705 \u0628\u06cc\u0634\u062a\u0631 \u0628\u062e\u0648\u0627\u0646\u06cc\u062f:\nhttps://bit.ly/3gAtDpq\n\n@cyberbannews_ir", "creation_timestamp": "2022-02-09T10:35:01.000000Z"}, {"uuid": "377fd19d-7c0a-4ee3-8ba4-86c16f6975f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-39675", "type": "seen", "source": "https://t.me/cibsecurity/37325", "content": "\u203c CVE-2021-39675 \u203c\n\nIn GKI_getbuf of gki_buffer.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android ID: A-205729183\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-11T20:34:48.000000Z"}]}