CVE-2021-33699

7.6HIGH

Key Information:

Vendor: SAP
Status: SAP Fiori Client Native Mobile For Android
Vendor: CVE Published:; 10 August 2021

Summary

Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifest.xml with their Task Control features. This allows an unauthorized attacker or malware to takeover legitimate apps and to steal user's sensitive information.

Affected Version(s)

SAP Fiori Client Native Mobile for Android < 3.2

References

https://launchpad.support.sap.com/#/notes/3067219

x_refsource_MISC

https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageI...

x_refsource_MISC

CVSS V3.1

Score:

7.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Aug 10, 2021
Vulnerability Reserved
May 28, 2021