CVE-2021-25349
Description
Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via hijacking the PendingIntent.
References
Vendor Advisory
Vendor Advisory
CvssV3 impact
BaseSeverity | HIGH |
ConfidentialityImpact | HIGH |
AttackComplexity | LOW |
Scope | UNCHANGED |
AttackVector | LOCAL |
AvailabilityImpact | HIGH |
IntegrityImpact | HIGH |
PrivilegesRequired | LOW |
BaseScore | 7.8 |
VectorString | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Version | 3.1 |
UserInteraction | NONE |
CvssV2 impact
AccessComplexity | LOW |
ConfidentialityImpact | PARTIAL |
AvailabilityImpact | PARTIAL |
IntegrityImpact | PARTIAL |
BaseScore | 4.6 |
VectorString | AV:L/AC:L/Au:N/C:P/I:P/A:P |
Version | 2.0 |
AccessVector | LOCAL |
Authentication | NONE |