Click the icon to Follow me:- twitterTelegramRedditDiscord


In updatePermissionSourcePackage of, there is a possible automatic runtime permission grant due to a confused deputy. This could lead to local escalation of privilege allowing a malicious app to silently gain access to a dangerous permission with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-10, Android-11; Android ID: A-155648771.

Reference Links(if available):

  • CVSS Score (if available)

    v2: / HIGH

    v3: /

    Links to Exploits(if available)