Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In LocationSettingsActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-182812255
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Automotive Os安全漏洞
Vulnerability Description
Google Android Automotive Os是美国谷歌(Google)公司的一种直接在车载硬件上运行的操作系统和平台。 Android Automotive Os中存在安全漏洞,该漏洞源于在 AndroidManifest.xml 的 LocationSettingsActivity 中,由于 Tapjacking/overlay 攻击,可能存在 EoP。这可能会导致本地权限升级,而无需额外的执行权限。开发需要用户交互。
CVSS Information
N/A
Vulnerability Type
N/A