Vulnerability Details CVE-2021-0385
In createConnectToAvailableNetworkNotification of ConnectToNetworkNotificationBuilder.java, there is a possible connection to untrusted WiFi networks due to notification interaction above the lockscreen. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-172584372
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References