Improper caller check vulnerability in Knox Core prior to SMR MAY-2021 Release 1 allows attackers to install arbitrary app.
The Android application exports a component for use by other applications, but does not properly restrict which applications can launch the component or access the data it contains.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Android | 11.0 (including) | 11.0 (including) |
The attacks and consequences of improperly exporting a component may depend on the exported component: