Original Issue Date:May 11, 2021
Severity Rating: HIGH
1. Software Affected
- Google Android versions 8.1, 9, 10,11
2. Overview
- Multiple vulnerabilities have been reported in Google Android which could be exploited by attackers to gain elevated privileges, obtain sensitive information or remotely execute arbitrary code on the targeted system.
3. Description
- These vulnerabilities exist in Google Android due to flaws in the Framework components, Media Framework components, System components, Kernel Components, AMLogic components, ARM components, MediaTek components, Qualcomm components, Qualcomm closed-source components. A remote attacker could exploit these vulnerabilities by hosting a specially crafted file designed to exploit the vulnerabilities.
- Successful exploitation of these vulnerabilities could allow remote attacker to perform arbitrary code execution within the context of a privileged process, gain elevated privileges and allow the attacker to access sensitive information from the targeted device.
4. Solution
- Apply appropriate updates as provided by various device manufacturers:
https://source.android.com/security/bulletin/2021-05-01
5. Vendor Information
https://source.android.com/security/bulletin/2021-05-01
6. References
https://source.android.com/security/bulletin/2021-05-01
7. Disclaimer
The information provided herein is on “as is” basis, without warranty of any kind.