CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-0517

In updateCapabilities of ConnectivityService.java, there is a possible incorrect network state determination due to a logic error in the code. This could lead to biasing of networking tasks to occur on non-VPN networks, which could lead to remote information disclosure, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-179053823

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 50.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://source.android.com/security/bulletin/2021-06-01
https://source.android.com/security/bulletin/2021-06-01

Products affected by CVE-2021-0517

Google » Android » Version: 11.0

cpe:2.3:o:google:android:11.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-0517

Products

Pricing

Contact Us