Vulnerability Details : CVE-2021-39697
In checkFileUriDestination of DownloadProvider.java, there is a possible way to bypass external storage private directories protection due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-200813547
Published
2022-03-16 15:15:11
Updated
2022-07-12 17:42:04
Exploit prediction scoring system (EPSS) score for CVE-2021-39697
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less