In query of DownloadManager.java, there is a possible read/write of arbitrary files due to a permissions bypass. This could lead to local information disclosure and file rewriting with no additional execution privileges needed. User interaction is not needed for exploitation.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Android | 7.0 (including) | 7.0 (including) | |
Android | 7.1.1 (including) | 7.1.1 (including) | |
Android | 7.1.2 (including) | 7.1.2 (including) | |
Android | 8.0 (including) | 8.0 (including) | |
Android | 8.1 (including) | 8.1 (including) | |
Android | 9.0 (including) | 9.0 (including) |