CVE-2021-39764
HIGHAndroid 12L - Local Privilege Escalation via App Spoofing
Title source: llmDescription
In Settings, there is a possible way to display an incorrect app name due to improper input validation. This could lead to local escalation of privilege via app spoofing with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-170642995
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/android-12l
Scores
CVSS v3
7.8
EPSS
0.0031
EPSS Percentile
22.5%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
google/android
12.1
Published
Mar 30, 2022
Tracked Since
Feb 18, 2026