Unrated severityNVD Advisory· Published Dec 6, 2019· Updated Aug 4, 2024
CVE-2019-2218
CVE-2019-2218
Description
In createSessionInternal of PackageInstallerService.java, there is a possible improper permission grant due to a missing permission check. This could lead to local escalation of privilege by installing malicious packages with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-141169173
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Google/Androiddescription
- Range: 8.0, 8.1, 9, 10
Patches
Vulnerability mechanics
References
1- source.android.com/security/bulletin/2020-01-01mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.