CVE List

CVE-2021-0588

Moderate 5.5

In processInboundMessage of MceStateMachine.java, there is a possible SMS disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9Android ID: A-177238342

Published July 14, 2021.

Affected software

Google Android

Get alerts for Google Android

Reference links