Vulnerability Details CVE-2021-27549
Genymotion Desktop through 3.2.0 leaks the host's clipboard data to the Android application by default. NOTE: the vendor's position is that this is intended behavior that can be changed through the Settings > Device screen
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 44.2%
CVSS Severity
CVSS v3 Score 5.3
CVSS v2 Score 5.0
References
- https://docs.genymotion.com/desktop/latest/02_Application.html
- https://github.com/eybisi/misc/tree/main/clipwatch
- https://twitter.com/0xabc0/status/1363788023956185090
- https://twitter.com/0xabc0/status/1363855602477387783
- https://twitter.com/0xabc0/status/1363856804602671104
- https://www.genymotion.com/download/
- https://www.youtube.com/watch?v=Tod8Q6sf0P8
- https://docs.genymotion.com/desktop/latest/02_Application.html
- https://github.com/eybisi/misc/tree/main/clipwatch
- https://twitter.com/0xabc0/status/1363788023956185090
- https://twitter.com/0xabc0/status/1363855602477387783
- https://twitter.com/0xabc0/status/1363856804602671104
- https://www.genymotion.com/download/
- https://www.youtube.com/watch?v=Tod8Q6sf0P8
Products affected by CVE-2021-27549
-
cpe:2.3:a:genymobile:genymotion_desktop:1.0.0
-
cpe:2.3:a:genymobile:genymotion_desktop:1.1.0
-
cpe:2.3:a:genymobile:genymotion_desktop:1.2.1
-
cpe:2.3:a:genymobile:genymotion_desktop:1.3.0
-
cpe:2.3:a:genymobile:genymotion_desktop:1.3.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.0.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.0.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.0.2
-
cpe:2.3:a:genymobile:genymotion_desktop:2.0.3
-
cpe:2.3:a:genymobile:genymotion_desktop:2.1.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.1.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.10.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.11.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.12.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.12.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.12.2
-
cpe:2.3:a:genymobile:genymotion_desktop:2.2.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.2.2
-
cpe:2.3:a:genymobile:genymotion_desktop:2.3.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.3.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.4.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.5.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.5.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.5.2
-
cpe:2.3:a:genymobile:genymotion_desktop:2.5.3
-
cpe:2.3:a:genymobile:genymotion_desktop:2.5.4
-
cpe:2.3:a:genymobile:genymotion_desktop:2.6.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.7.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.7.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.7.2
-
cpe:2.3:a:genymobile:genymotion_desktop:2.8.0
-
cpe:2.3:a:genymobile:genymotion_desktop:2.8.1
-
cpe:2.3:a:genymobile:genymotion_desktop:2.9.0
-
cpe:2.3:a:genymobile:genymotion_desktop:3.0.0
-
cpe:2.3:a:genymobile:genymotion_desktop:3.0.1
-
cpe:2.3:a:genymobile:genymotion_desktop:3.0.2
-
cpe:2.3:a:genymobile:genymotion_desktop:3.0.3
-
cpe:2.3:a:genymobile:genymotion_desktop:3.0.4
-
cpe:2.3:a:genymobile:genymotion_desktop:3.1.0
-
cpe:2.3:a:genymobile:genymotion_desktop:3.1.1
-
cpe:2.3:a:genymobile:genymotion_desktop:3.1.2
-
cpe:2.3:a:genymobile:genymotion_desktop:3.2.0