ASB-A-209446496
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-209446496.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-209446496
- Aliases
-
- A-209446496
- CVE-2021-39807
- Published
- 2022-04-01T00:00:00Z
- Modified
- 2025-11-04T16:30:24.675950Z
- Summary
- [none]
- Details
-
In handleNfcStateChanged of SecureNfcEnabler.java, there is a possible way to enable NFC from the Guest account due to a missing permission check. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"spl": "2022-04-05",
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e543a38f6037cee6f6237c755d9fdc00270d6e2",
"digest": {
"function_hash": "127039390748364425891178181785151239171",
"length": 82.0
},
"target": {
"function": "SecureNfcEnabler",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-28f8d628",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e543a38f6037cee6f6237c755d9fdc00270d6e2",
"digest": {
"function_hash": "282752491468255757792423787937123980138",
"length": 262.0
},
"signature_version": "v1",
"id": "ASB-A-209446496-32218f24",
"match_only_versions": [
"10"
],
"signature_type": "Function",
"target": {
"function": "getNonIndexableKeys",
"file": "src/com/android/settings/connecteddevice/AdvancedConnectedDeviceDashboardFragment.java"
}
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e543a38f6037cee6f6237c755d9fdc00270d6e2",
"digest": {
"line_hashes": [
"104640340823179530859982387541045009359",
"54077344772517366223645446965945596572",
"57316047783306358646712498073955376079"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "ASB-A-209446496-cd52b39b",
"match_only_versions": [
"10"
],
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/nfc/SecureNfcPreferenceController.java"
}
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e543a38f6037cee6f6237c755d9fdc00270d6e2",
"digest": {
"function_hash": "44364368635206463946580718456940636632",
"length": 547.0
},
"target": {
"function": "handleNfcStateChanged",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-d6547adc",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e543a38f6037cee6f6237c755d9fdc00270d6e2",
"digest": {
"line_hashes": [
"78665594081758831960176424858478020825",
"171071211868076758317199496074877610806",
"93959810514345626888469960487788463701",
"89036061155262175367535221140820362232",
"39102001788302046623454440679496411262",
"191746087133540115132130798065738436759",
"156072748411938088002050525166400795974",
"150578447178704079897889964007817892065",
"79407049416702579768023041517668425937",
"45601423319242074519627616342741264430",
"142054889039160123904375712824533928056",
"250776634068925222533131529590206841548",
"135524816208115480152044850452397667319"
],
"threshold": 0.9
},
"signature_version": "v1",
"id": "ASB-A-209446496-e4f4dba4",
"match_only_versions": [
"10"
],
"signature_type": "Line",
"target": {
"file": "src/com/android/settings/connecteddevice/AdvancedConnectedDeviceDashboardFragment.java"
}
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/4e543a38f6037cee6f6237c755d9fdc00270d6e2",
"digest": {
"line_hashes": [
"24929154912866296258003856795052035698",
"102985994623774707472884171700885947163",
"28629836810280458568764820646968600580",
"157372545684039080746348332028554779667",
"248037606502086375276121672084761026974",
"244779512637814176098350952546511676167",
"91852767605856262281093661707503156980",
"179424779785096709195201883026574155013",
"167406583980043863501189067292388973488",
"226208579727948403648167630623307804907",
"206422986024070089075164415342025238466",
"120323037648485951366567017292489195608",
"222717576057888766947304829867241126022",
"176716013815801271371011895249285319184",
"340046370131221628976650780733953479947",
"24981409069758245919959226956839528696",
"255288383093687017670599869428382125856",
"75407180318704451699303769443305508093"
],
"threshold": 0.9
},
"target": {
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-f6b9c654",
"signature_version": "v1",
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/4e543a38f6037cee6f6237c755d9fdc00270d6e2"
]
}platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"spl": "2022-04-05",
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"function_hash": "44364368635206463946580718456940636632",
"length": 547.0
},
"target": {
"function": "handleNfcStateChanged",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-9bac3d4d",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"line_hashes": [
"41316701183679083181387877749634756102",
"41790578179167789807707609587394117715",
"164918464923637698435955425395342737892",
"325290779790417954361537207831400346090"
],
"threshold": 0.9
},
"target": {
"file": "src/com/android/settings/connecteddevice/NfcAndPaymentFragment.java"
},
"id": "ASB-A-209446496-b6edc127",
"signature_version": "v1",
"signature_type": "Line"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"function_hash": "127039390748364425891178181785151239171",
"length": 82.0
},
"target": {
"function": "SecureNfcEnabler",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-bbd864a8",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"line_hashes": [
"24929154912866296258003856795052035698",
"102985994623774707472884171700885947163",
"28629836810280458568764820646968600580",
"157372545684039080746348332028554779667",
"248037606502086375276121672084761026974",
"244779512637814176098350952546511676167",
"91852767605856262281093661707503156980",
"179424779785096709195201883026574155013",
"167406583980043863501189067292388973488",
"226208579727948403648167630623307804907",
"206422986024070089075164415342025238466",
"120323037648485951366567017292489195608",
"222717576057888766947304829867241126022",
"176716013815801271371011895249285319184",
"340046370131221628976650780733953479947",
"24981409069758245919959226956839528696",
"255288383093687017670599869428382125856",
"75407180318704451699303769443305508093"
],
"threshold": 0.9
},
"target": {
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-f21e1007",
"signature_version": "v1",
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda"
]
}platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"spl": "2022-04-05",
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"line_hashes": [
"24929154912866296258003856795052035698",
"102985994623774707472884171700885947163",
"28629836810280458568764820646968600580",
"157372545684039080746348332028554779667",
"248037606502086375276121672084761026974",
"244779512637814176098350952546511676167",
"91852767605856262281093661707503156980",
"179424779785096709195201883026574155013",
"167406583980043863501189067292388973488",
"226208579727948403648167630623307804907",
"206422986024070089075164415342025238466",
"120323037648485951366567017292489195608",
"222717576057888766947304829867241126022",
"176716013815801271371011895249285319184",
"340046370131221628976650780733953479947",
"24981409069758245919959226956839528696",
"255288383093687017670599869428382125856",
"75407180318704451699303769443305508093"
],
"threshold": 0.9
},
"target": {
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-21527b53",
"signature_version": "v1",
"signature_type": "Line"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"function_hash": "44364368635206463946580718456940636632",
"length": 547.0
},
"target": {
"function": "handleNfcStateChanged",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-7e992305",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"function_hash": "127039390748364425891178181785151239171",
"length": 82.0
},
"target": {
"function": "SecureNfcEnabler",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-d1a95ae2",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"line_hashes": [
"41316701183679083181387877749634756102",
"41790578179167789807707609587394117715",
"164918464923637698435955425395342737892",
"325290779790417954361537207831400346090"
],
"threshold": 0.9
},
"target": {
"file": "src/com/android/settings/connecteddevice/NfcAndPaymentFragment.java"
},
"id": "ASB-A-209446496-f017e696",
"signature_version": "v1",
"signature_type": "Line"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda"
]
}platform/packages/apps/Settings
Package
- Name
- platform/packages/apps/Settings
Ecosystem specific
{
"types": [
"EoP"
],
"severity": "High",
"spl": "2022-04-05",
"vanir_signatures": [
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"line_hashes": [
"41316701183679083181387877749634756102",
"41790578179167789807707609587394117715",
"164918464923637698435955425395342737892",
"325290779790417954361537207831400346090"
],
"threshold": 0.9
},
"target": {
"file": "src/com/android/settings/connecteddevice/NfcAndPaymentFragment.java"
},
"id": "ASB-A-209446496-193855f6",
"signature_version": "v1",
"signature_type": "Line"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"function_hash": "127039390748364425891178181785151239171",
"length": 82.0
},
"target": {
"function": "SecureNfcEnabler",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-4f8d7232",
"signature_version": "v1",
"signature_type": "Function"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"line_hashes": [
"24929154912866296258003856795052035698",
"102985994623774707472884171700885947163",
"28629836810280458568764820646968600580",
"157372545684039080746348332028554779667",
"248037606502086375276121672084761026974",
"244779512637814176098350952546511676167",
"91852767605856262281093661707503156980",
"179424779785096709195201883026574155013",
"167406583980043863501189067292388973488",
"226208579727948403648167630623307804907",
"206422986024070089075164415342025238466",
"120323037648485951366567017292489195608",
"222717576057888766947304829867241126022",
"176716013815801271371011895249285319184",
"340046370131221628976650780733953479947",
"24981409069758245919959226956839528696",
"255288383093687017670599869428382125856",
"75407180318704451699303769443305508093"
],
"threshold": 0.9
},
"target": {
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-d1593f38",
"signature_version": "v1",
"signature_type": "Line"
},
{
"deprecated": false,
"source": "https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda",
"digest": {
"function_hash": "44364368635206463946580718456940636632",
"length": 547.0
},
"target": {
"function": "handleNfcStateChanged",
"file": "src/com/android/settings/nfc/SecureNfcEnabler.java"
},
"id": "ASB-A-209446496-f5e6fb11",
"signature_version": "v1",
"signature_type": "Function"
}
],
"fixes": [
"https://android.googlesource.com/platform/packages/apps/Settings/+/a579ca7554dcbfd3fce1c90451fb54cb676cfdda"
]
}