CVE-2021-33699

MEDIUM

Android - Info Disclosure

Title source: llm

Description

Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user's sensitive information.

Exploits (1)

nomisec STUB

by naroSEC · poc

https://github.com/naroSEC/CVE-2021-33699_Task_Hijacking

View Code ZIP pw:eip

References (2)

Core 2

Core References

Permissions Required, Vendor Advisory x_refsource_misc

https://launchpad.support.sap.com/#/notes/3067219

Vendor Advisory x_refsource_misc

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=582222806

Scores

CVSS v3 6.5

EPSS 0.0221

EPSS Percentile 84.6%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

Status published

Products (1)

sap/fiori_client 3.2

Published Aug 10, 2021

Tracked Since Feb 18, 2026