CVE-2021-0481
HIGHAndroid 8.1-11 - Unauthorized File Access via EditUserPhotoController URI Handler
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2021-0481. PoCs published by ShaikUsaf.
AI-analyzed exploit summary The repository contains source code files from the Android Open Source Project (AOSP) Settings app, specifically for version AOSP10_r33, which is associated with CVE-2021-0481. The files include various Java classes related to Android settings functionality, but no explicit exploit code or technical analysis is provided.
Description
In onActivityResult of EditUserPhotoController.java, there is a possible access of unauthorized files due to an unexpected URI handler. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11Android ID: A-172939189
Exploits (1)
The repository contains source code files from the Android Open Source Project (AOSP) Settings app, specifically for version AOSP10_r33, which is associated with CVE-2021-0481. The files include various Java classes related to Android settings functionality, but no explicit exploit code or technical analysis is provided.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H