{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T22:47:13.786","vulnerabilities":[{"cve":{"id":"CVE-2021-39619","sourceIdentifier":"security@android.com","published":"2022-02-11T18:15:09.943","lastModified":"2024-11-21T06:19:48.940","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In updatePackageMappingsData of UsageStatsService.java, there is a possible way to bypass security and privacy settings of app usage due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12Android ID: A-197399948"},{"lang":"es","value":"En la función updatePackageMappingsData del archivo UsageStatsService.java, Se presenta una posible forma de omitir la configuración de seguridad y privacidad del uso de la aplicación debido a una causa root inusual. Esto podría conllevar a una escalada local de privilegios sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. Producto: Android, Versiones: Android-11 Android-12, ID de Android: A-197399948"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-Other"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"},{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:12.0:*:*:*:*:*:*:*","matchCriteriaId":"F8FB8EE9-FC56-4D5E-AE55-A5967634740C"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/2022-02-01","source":"security@android.com","tags":["Patch","Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/2022-02-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}