Security Advisory

CVE-2021-1037

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-01-14 19:11:25

Last updated 2024-08-03 15:55:18

Assigner google_android

State PUBLISHED

Description

The broadcast that DevicePickerFragment sends when a new device is paired doesnt have any permission checks, so any app can register to listen for it. This lets apps keep track of what devices are paired without requesting BLUETOOTH permissions.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-9Android ID: A-162951906

← Browse all CVEs View on cve.org ↗