Vulnerability Details : CVE-2019-2197
In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-138529441
Published
2019-11-13 18:15:11
Updated
2021-07-21 11:39:24
Vulnerability category: Information leak
Exploit prediction scoring system (EPSS) score for CVE-2019-2197
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less