{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T00:09:59.507","vulnerabilities":[{"cve":{"id":"CVE-2021-0904","sourceIdentifier":"security@android.com","published":"2021-12-15T19:15:10.893","lastModified":"2024-11-21T05:43:14.660","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In SRAMROM, there is a possible permission bypass due to an insecure permission setting. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06076938; Issue ID: ALPS06076938."},{"lang":"es","value":"En SRAMROM, existe una posible derivación de permisos debido a una configuración de permisos insegura. Esto podría llevar a una escalada local de privilegios con necesidad de privilegios de ejecución del sistema. La interacción del usuario no es necesaria para la explotación. ID del parche: ALPS06076938; ID del problema: ALPS06076938"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":6.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":0.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-732"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*","matchCriteriaId":"B06BE74B-83F4-41A3-8AD3-2E6248F7B0B2"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:9.0:*:*:*:*:*:*:*","matchCriteriaId":"8DFAAD08-36DA-4C95-8200-C29FE5B6B854"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*","matchCriteriaId":"D558D965-FA70-4822-A770-419E73BA9ED3"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt6771:-:*:*:*:*:*:*:*","matchCriteriaId":"BE4D2AED-C713-407F-A34A-52C3D8F65835"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8183:-:*:*:*:*:*:*:*","matchCriteriaId":"23F65D7B-31A1-4D94-82E9-254A7A6D7BE1"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8385:-:*:*:*:*:*:*:*","matchCriteriaId":"299378ED-41CE-4966-99B1-65D2BA1215EF"},{"vulnerable":false,"criteria":"cpe:2.3:h:mediatek:mt8788:-:*:*:*:*:*:*:*","matchCriteriaId":"FE10C121-F2AD-43D2-8FF9-A6C197858220"}]}]}],"references":[{"url":"https://corp.mediatek.com/product-security-bulletin/December-2021","source":"security@android.com","tags":["Third Party Advisory"]},{"url":"https://corp.mediatek.com/product-security-bulletin/December-2021","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}