← back
CVE-2021-0400

CVE-2021-0400

EPSS 0.1%
In injectBestLocation and handleUpdateLocation of GnssLocationProvider.java, there is a possible incorrect reporting of location data to emergency services due to improper input validation. This could lead to incorrect reporting of location data to emergency services with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11Android ID: A-177561690
Affected products
n/a · Android

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://source.android.com/security/bulletin/2021-04-01