{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-10T10:05:19.275","vulnerabilities":[{"cve":{"id":"CVE-2021-0388","sourceIdentifier":"security@android.com","published":"2021-03-10T17:15:13.767","lastModified":"2024-11-21T05:42:37.733","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In onReceive of ImsPhoneCallTracker.java, there is a possible misattribution of data usage due to an incorrect broadcast handler. This could lead to local escalation of privilege resulting in attributing video call data to the wrong app, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-162741489"},{"lang":"es","value":"En la función onReceive del archivo ImsPhoneCallTracker.java, se presenta una posible atribución incorrecta del uso de datos debido a un controlador de transmisión incorrecto. Esto podría conllevar a una escalada de privilegios local que resulte en la atribución de datos de videollamadas a la aplicación incorrecta, sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. Producto: Android, Versiones: Android-11, ID de Android: A-162741489"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-862"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/pixel/2021-03-01","source":"security@android.com","tags":["Patch","Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/pixel/2021-03-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}