Improper Input Validation in WiFi Settings Enables Local Privilege Escalation on Android

Improper Input Validation in WiFi Settings Enables Local Privilege Escalation on Android

CVE-2021-39763 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Settings, there is a possible way to make the user enable WiFi due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-199176115

Learn more about our Cis Benchmark Audit For Google Android.