ASB-A-174047492

See a problem?
Import Source
https://storage.googleapis.com/android-osv/ASB-A-174047492.json
JSON Data
https://api.osv.dev/v1/vulns/ASB-A-174047492
Aliases
  • A-174047492
  • CVE-2021-0523
Published
2021-06-01T00:00:00Z
Modified
2024-08-07T19:29:23.808136Z
Summary
[Settings WifiScanModeActivity Could be Overlaid to Trick User Into Allow Scanning Even When Wi-Fi Turned Off]
Details

In onCreate of WifiScanModeActivity.java, there is a possible way to enable Wi-Fi scanning without user consent due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
10:0
Fixed
10:2021-06-01

Affected versions

Other

10

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "328263169580508867976876575400628265794",
                    "110424566519442481665465581655237687646",
                    "322102221475400443108148106970967004392",
                    "108217010661045898630435102137187521905",
                    "295920884582073271744377298668040679510",
                    "287274780326124899620192979046656855227",
                    "185974074193300355660243960888347440480",
                    "92475357582801666664465760516120286434"
                ]
            },
            "id": "ASB-A-174047492-2bfb51b8",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/faa5f6b5f6b67421f1327690f358f2fc5ee12c33",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/WifiScanModeActivity.java"
            },
            "signature_type": "Line"
        },
        {
            "digest": {
                "length": 512.0,
                "function_hash": "216698803617722576029150201810114412891"
            },
            "id": "ASB-A-174047492-8bf326c4",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/faa5f6b5f6b67421f1327690f358f2fc5ee12c33",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/WifiScanModeActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/faa5f6b5f6b67421f1327690f358f2fc5ee12c33"
    ],
    "spl": "2021-06-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}

Android / platform/packages/apps/Settings

Affected ranges

Type
ECOSYSTEM
Events
Introduced
11:0
Fixed
11:2021-06-01

Affected versions

Other

11

Ecosystem specific

{
    "vanir_signatures": [
        {
            "digest": {
                "length": 512.0,
                "function_hash": "158803676454670411362006961934677279220"
            },
            "id": "ASB-A-174047492-567d4985",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/58b0f2d5b3ab4e7002b870aedc971a2d8d9e8e44",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/WifiScanModeActivity.java",
                "function": "onCreate"
            },
            "signature_type": "Function"
        },
        {
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "278439482067112957380265895062969078593",
                    "62494506271113635611819801336893045692",
                    "202940160376952609789420844645356167769",
                    "108217010661045898630435102137187521905",
                    "295920884582073271744377298668040679510",
                    "287274780326124899620192979046656855227",
                    "185974074193300355660243960888347440480",
                    "326699467371759243067822480658829003894"
                ]
            },
            "id": "ASB-A-174047492-8c8fe44a",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/58b0f2d5b3ab4e7002b870aedc971a2d8d9e8e44",
            "deprecated": false,
            "signature_version": "v1",
            "target": {
                "file": "src/com/android/settings/wifi/WifiScanModeActivity.java"
            },
            "signature_type": "Line"
        }
    ],
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/58b0f2d5b3ab4e7002b870aedc971a2d8d9e8e44"
    ],
    "spl": "2021-06-01",
    "severity": "High",
    "types": [
        "EoP"
    ]
}