CVE-2021-23244

Published: Dec 27, 2021

Modified: Aug 3, 2024

PUBLISHED

Description

ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission.

Vendor	Product	Versions
n/a	OPPO Android Phone	affected `OPPO Mobile phones with ColorOS 11 version`

References

https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2021-23244

Description

Affected Products

References