CVE-2021-0328

HIGH

Android - Missing Authorization in GattService Bluetooth Scan Result Retrieval

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-0328. PoCs published by ShaikUsaf.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2021-0328, targeting Bluetooth components in Android AOSP10. The code includes JNI implementations for Bluetooth A2DP, AVRCP, and other protocols, demonstrating the vulnerability in the Bluetooth stack.

Description

In onBatchScanReports and deliverBatchScan of GattService.java, there is a possible way to retrieve Bluetooth scan results without permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-8.1 Android-9Android ID: A-172670415

Exploits (1)

nomisec WORKING POC

by ShaikUsaf · poc

https://github.com/ShaikUsaf/packages_apps_Bluetooth_AOSP10_r33_CVE-2021-0328

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2021-0328, targeting Bluetooth components in Android AOSP10. The code includes JNI implementations for Bluetooth A2DP, AVRCP, and other protocols, demonstrating the vulnerability in the Bluetooth stack.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Android AOSP10 Bluetooth Stack

No auth needed

Prerequisites: Physical proximity to the target device · Bluetooth enabled on the target device

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://source.android.com/security/bulletin/2021-02-01

Scores

CVSS v3 7.8

EPSS 0.0024

EPSS Percentile 14.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-862

Status published

Products (4)

google/android 8.1

google/android 9.0

google/android 10.0

google/android 11.0

Published Feb 10, 2021

Tracked Since Feb 18, 2026