Insufficient Protection of Permission UI in WebAPKs in Google Chrome on Android: Privacy/Security Sensitive Web API Access Vulnerability

Insufficient Protection of Permission UI in WebAPKs in Google Chrome on Android: Privacy/Security Sensitive Web API Access Vulnerability

CVE-2019-5767 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Insufficient protection of permission UI in WebAPKs in Google Chrome on Android prior to 72.0.3626.81 allowed an attacker who convinced the user to install a malicious application to access privacy/security sensitive web APIs via a crafted APK.

Learn more about our Cis Benchmark Audit For Google Android.