Incorrect permission assignment for critical resource in Google Android - CVE-2018-21081
Published: April 8, 2020 / Updated: August 8, 2020
Google Android
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to read and manipulate data.
An issue was discovered on Samsung mobile devices with N(7.x) software. In Dual Messenger, the second app can use the runtime permissions of the first app without a user's consent. The Samsung ID is SVE-2017-11018 (March 2018).