#VU51899 Security restrictions bypass in Google Android - CVE-2021-0426
Published: April 5, 2021
Vulnerability identifier: #VU51899
Vulnerability risk: Low
CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-0426
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vulnerable software:
Google Android
Google Android
Software vendor:
Google
Description
The vulnerability allows an attacker to bypass implemented security restrictions.
The vulnerability exists in Statsd in Android Framework component due to incorrect privilege management. An attacker can bypass implemented security restrictions and gain access to otherwise restricted functionality.
Remediation
Install updates from vendor's website.