Unrated severityNVD Advisory· Published Nov 13, 2019· Updated Aug 4, 2024
CVE-2019-2197
CVE-2019-2197
Description
In processPhonebookAccess of CachedBluetoothDevice.java, there is a possible permission bypass due to an insecure default value. This could lead to local information disclosure of the user's contact list with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-138529441
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Google/Androiddescription
- Range: 8.0, 8.1, 9, 10
Patches
Vulnerability mechanics
References
1- source.android.com/security/bulletin/2019-11-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.