Uninstallation Permission Retention Vulnerability in Android

Uninstallation Permission Retention Vulnerability in Android

CVE-2019-2089 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

In app uninstallation, there is a possible set of permissions that may not be removed from a shared app ID. This could lead to a local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-10 Android ID: A-116608833

Learn more about our Cis Benchmark Audit For Google Android.