Incorrect Order of Arguments in checkAccess Method Allows Local Privilege Escalation in Android 9

Incorrect Order of Arguments in checkAccess Method Allows Local Privilege Escalation in Android 9

CVE-2019-2175 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.

Learn more about our Cis Benchmark Audit For Google Android.