CVE-2018-21071

HIGH

Android - Unprotected Intent Exposure of Sensitive Information

Title source: llm
STIX 2.1

Description

An issue was discovered on Samsung mobile devices with M(6.0) software. Because of an unprotected intent, an attacker can read arbitrary files and emails, and take over an email account. The Samsung ID is SVE-2018-11633 (May 2018).

References (1)

Core 1
Core References
Vendor Advisory x_refsource_confirm
https://security.samsungmobile.com/securityUpdate.smsb

Scores

CVSS v3 7.3
EPSS 0.0032
EPSS Percentile 24.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Details

CWE
CWE-200
Status published
Products (1)
google/android 6.0
Published Apr 08, 2020
Tracked Since Feb 18, 2026