An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within…
google_android·CWE-367·Published 2017-02-08
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33042690.
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-33042690.
Una vulnerabilidad de elevación de privilegio en el Framework APIs podría permitir a una aplicación local maliciosa local ejecutar código arbitrario dentro del contexto de un proceso privilegiado. Este problema está clasificado como High porque podría utilizarse para obtener acceso local a capacidades elevadas, que normalmente no son accesibles a una aplicación de terceros. Producto: Android. Versiones: 7.0, 7.1.1. Android ID: A-33042690.
| Version | Type | Source | Base | Exp | Impact | Vector |
|---|---|---|---|---|---|---|
| 2.0 | Primary | NVD | 9.3 | 8.6 | 10.0 | AV:N/AC:M/Au:N/C:C/I:C/A:C |
| 3.0 | Primary | NVD | 7.8 | 1.8 | 5.9 | CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |