Description
In onTargetSelected of ResolverActivity.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-163358811
Exploits (1)
nomisec
WRITEUP
by ShaikUsaf · poc
https://github.com/ShaikUsaf/frameworks_base_AOSP10_r33_CVE-2021-0334
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/2021-02-01
Scores
CVSS v3
7.8
EPSS
0.0001
EPSS Percentile
0.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-732
Status
published
Products (4)
google/android
8.1
google/android
9.0
google/android
10.0
google/android
11.0
Published
Feb 10, 2021
Tracked Since
Feb 18, 2026