Missing Permission Check in updateNotification of BeamTransferManager.java Allows Local Information Disclosure of Paired Bluetooth Addresses

Missing Permission Check in updateNotification of BeamTransferManager.java Allows Local Information Disclosure of Paired Bluetooth Addresses

CVE-2021-0542 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

In updateNotification of BeamTransferManager.java, there is a missing permission check. This could lead to local information disclosure of paired Bluetooth addresses with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-168712890

Learn more about our Cis Benchmark Audit For Google Android.