CVE-2016-6771

Published: Jan 12, 2017Modified: May 6, 2026

5.3

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

Exploitability: 1.8 / Impact: 3.4

Source: NVD

Description

An elevation of privilege vulnerability in Telephony could enable a local malicious application to access system functions beyond its access level. This issue is rated as Moderate because it is a local bypass of restrictions on a constrained process. Product: Android. Versions: 6.0, 6.0.1, 7.0. Android ID: A-31566390.

Affected (3)

Products: Google: Android

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Google Android	Version 6.0.1
Google Android	Version 6.0
Google Android	Version 7.0

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (4)

http://www.securityfocus.com/bid/94706

Source: security@android.com

https://source.android.com/security/bulletin/2016-12-01.html

Source: security@android.com

Vendor Advisory

http://www.securityfocus.com/bid/94706

Source: af854a3a-2127-422b-91ae-364da2661108

https://source.android.com/security/bulletin/2016-12-01.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.