Security Advisory

CVE-2019-2221

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2019-12-06 22:40:40

Last updated 2024-08-04 18:42:50

Assigner google_android

State PUBLISHED

Description

In hasActivityInVisibleTask of WindowProcessController.java there’s a possible bypass of user interaction requirements due to incorrect handling of top activities in INITIALIZING state. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-138583650

← Browse all CVEs View on cve.org ↗