Local Privilege Escalation Vulnerability in Vivo Devices
CVE-2021-26280
7.9HIGH
Summary
CVE-2021-26280 is a high-severity local privilege escalation vulnerability found in locally installed Vivo applications. This vulnerability allows unauthorized users to bypass permission checks, potentially enabling malicious actors to perform system operations that should require elevated permissions. As a result, this could lead to unauthorized access to sensitive system resources. It is critical for users to ensure that their Vivo devices are updated to the latest security patches to mitigate this risk.
Affected Version(s)
Permission manager module Versions earlier than Android 10
References
CVSS V3.1
Score:
7.9
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved