In onCreate of RequestManageCredentials.java, a third-party app may be able to install certificates without user approval by means of a tapjacking/overlay attack. This could lead to local escalation of privilege; User execution privileges are needed. User interaction is needed for exploitation.
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/db9333baac7c609a32536a2f8d66233132306aab"
],
"spl": "2022-03-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/db9333baac7c609a32536a2f8d66233132306aab",
"target": {
"function": "onCreate",
"file": "src/com/android/settings/security/RequestManageCredentials.java"
},
"deprecated": false,
"digest": {
"function_hash": "277867023790668579004413473741191748586",
"length": 1766.0
},
"signature_type": "Function",
"id": "ASB-A-205150380-07b4118c"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/db9333baac7c609a32536a2f8d66233132306aab",
"target": {
"file": "src/com/android/settings/security/RequestManageCredentials.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"267343853785936738964853057775813326856",
"261060228391238222735109636872968360464",
"222610515129640799286212911521463389127",
"176675007157304542194811197816439150968",
"338278486223187615581482700010268539844",
"309232157662803240359090951246495139407",
"221031157593952149896326517025400321224",
"21250626263649833577876446440916785752",
"119038241698840622044607644332160950733",
"63759581288218213990998457882821900364"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-205150380-abf39b84"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/db9333baac7c609a32536a2f8d66233132306aab",
"target": {
"function": "loadButtons",
"file": "src/com/android/settings/security/RequestManageCredentials.java"
},
"deprecated": false,
"digest": {
"function_hash": "309050128351288305746507645676509705831",
"length": 378.0
},
"signature_type": "Function",
"id": "ASB-A-205150380-b6a43f3f"
}
],
"types": [
"EoP"
]
}
{
"severity": "High",
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/04c66a0a3cc157aa48a013dde47f0c9485c008ee"
],
"spl": "2022-03-01",
"vanir_signatures": [
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/04c66a0a3cc157aa48a013dde47f0c9485c008ee",
"target": {
"function": "onCreate",
"file": "src/com/android/settings/security/RequestManageCredentials.java"
},
"deprecated": false,
"digest": {
"function_hash": "277867023790668579004413473741191748586",
"length": 1766.0
},
"signature_type": "Function",
"id": "ASB-A-205150380-487d253f"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/04c66a0a3cc157aa48a013dde47f0c9485c008ee",
"target": {
"file": "src/com/android/settings/security/RequestManageCredentials.java"
},
"deprecated": false,
"digest": {
"line_hashes": [
"267343853785936738964853057775813326856",
"261060228391238222735109636872968360464",
"222610515129640799286212911521463389127",
"176675007157304542194811197816439150968",
"338278486223187615581482700010268539844",
"309232157662803240359090951246495139407",
"221031157593952149896326517025400321224",
"21250626263649833577876446440916785752",
"119038241698840622044607644332160950733",
"63759581288218213990998457882821900364"
],
"threshold": 0.9
},
"signature_type": "Line",
"id": "ASB-A-205150380-a28c2f46"
},
{
"signature_version": "v1",
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/04c66a0a3cc157aa48a013dde47f0c9485c008ee",
"target": {
"function": "loadButtons",
"file": "src/com/android/settings/security/RequestManageCredentials.java"
},
"deprecated": false,
"digest": {
"function_hash": "309050128351288305746507645676509705831",
"length": 378.0
},
"signature_type": "Function",
"id": "ASB-A-205150380-acff26cd"
}
],
"types": [
"EoP"
]
}