{"id":"ASB-A-155287782", "published":"2021-02-01T00:00:00Z", "modified":"2026-04-30T15:48:46.890647439Z", "aliases":["CVE-2021-0302", "A-155287782"], "details":"In PackageInstaller, there is a possible tapjacking attack due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.", "affected":[{"package":{"name":"platform/packages/apps/PackageInstaller", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"8.0:0"}, {"fixed":"8.0:2021-02-01"}]}], "versions":["8.0"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/8c5b4cd30a77733dd1012725b69d2089f78455ac"], "severity":"High", "spl":"2021-02-01", "types":["EoP"]}}, {"package":{"name":"platform/packages/apps/PackageInstaller", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"8.1:0"}, {"fixed":"8.1:2021-02-01"}]}], "versions":["8.1"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/8c5b4cd30a77733dd1012725b69d2089f78455ac"], "severity":"High", "spl":"2021-02-01", "types":["EoP"]}}, {"package":{"name":"platform/packages/apps/PackageInstaller", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-02-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/8c5b4cd30a77733dd1012725b69d2089f78455ac"], "severity":"High", "spl":"2021-02-01", "types":["EoP"]}}, {"package":{"name":"platform/packages/apps/PackageInstaller", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2021-02-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/8c5b4cd30a77733dd1012725b69d2089f78455ac"], "severity":"High", "spl":"2021-02-01", "types":["EoP"]}}, {"package":{"name":"platform/packages/apps/PackageInstaller", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2021-02-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/8c5b4cd30a77733dd1012725b69d2089f78455ac"], "severity":"High", "spl":"2021-02-01", "types":["EoP"]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-02-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/apps/PackageInstaller/+/8c5b4cd30a77733dd1012725b69d2089f78455ac"}]}