CVE-2021-0339

HIGH

Android - Local Privilege Escalation via WindowContainer Animation Handling

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-0339. PoCs published by nanopathi.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2021-0339, demonstrating an autofill-related vulnerability in Android. The test cases manipulate focus events and autofill service responses to trigger the vulnerability.

Description

In loadAnimation of WindowContainer.java, there is a possible way to keep displaying a malicious app while a target app is brought to the foreground. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-145728687

Exploits (1)

nomisec WORKING POC 1 stars

by nanopathi · poc

https://github.com/nanopathi/framework_base_AOSP10_r33_CVE-2021-0339

View Code ZIP pw:eip

This repository contains functional exploit code for CVE-2021-0339, demonstrating an autofill-related vulnerability in Android. The test cases manipulate focus events and autofill service responses to trigger the vulnerability.

Classification

Working Poc 90%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Android (AOSP 10 r33)

No auth needed

Prerequisites: Android device with autofill service enabled

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://source.android.com/security/bulletin/2021-02-01

Scores

CVSS v3 7.8

EPSS 0.0073

EPSS Percentile 49.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-754

Status published

Products (3)

google/android 8.1

google/android 9.0

google/android 10.0

Published Feb 10, 2021

Tracked Since Feb 18, 2026