Possible Local Escalation of Privilege Vulnerability in GrantPermissionsActivity.java

Possible Local Escalation of Privilege Vulnerability in GrantPermissionsActivity.java

CVE-2019-2005 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

In onPermissionGrantResult of GrantPermissionsActivity.java, there is a possible incorrectly granted permission due to a missing permission check. This could lead to local escalation of privilege on a locked device with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-68777217

Learn more about our Cis Benchmark Audit For Google Android.