Elevation of Privilege Vulnerability in Android External Storage Provider Allows Unauthorized Access to SD Card Data

Elevation of Privilege Vulnerability in Android External Storage Provider Allows Unauthorized Access to SD Card Data

CVE-2017-0388 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32523490.

Learn more about our Cis Benchmark Audit For Google Android.