{"id":"ASB-A-172322502", "published":"2021-04-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2021-0445", "A-172322502"], "details":"In start of WelcomeActivity.java, there is a possible residual profile due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/packages/apps/ManagedProvisioning", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2021-04-05"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/e2e7db03f6629a049d7f9a255b1238182b104435"], "severity":"High", "spl":"2021-04-05", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["267192170493229523696223573646670273399", "338038645278955396091962215389328351175", "222592965601268419775985950103889431668", "101324354763547935278631398959791876538", "109139238108337384528376725384688091678", "157370780375504858674881480152622921994", "317330206669925724325579129324567481825", "63426012201672372493438705069252786800", "249171790815410219612734183124320482265", "180404932187257232605504121047543543358", "288690388350496034889718794049660130460"], "threshold":0.9}, "id":"ASB-A-172322502-6da0f4ec", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/e2e7db03f6629a049d7f9a255b1238182b104435", "target":{"file":"src/com/android/managedprovisioning/finalization/FinalizationController.java"}}, {"deprecated":false, "digest":{"line_hashes":["228725422874890500404722894961141832503", "141934198722136723954338757764907351491", "218227820810902030954871776798730062028", "225565816507896717753283047892474050207", "112738795450441930932611522079018513168", "114071533140300265248204588839640086702", "20589838921031885125274903363280850225", "261988694032451924320424717076509552746", "244178575112175948922872806110849256185"], "threshold":0.9}, "id":"ASB-A-172322502-f770adf0", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/e2e7db03f6629a049d7f9a255b1238182b104435", "target":{"file":"src/com/android/managedprovisioning/finalization/FinalizationActivity.java"}}, {"deprecated":false, "digest":{"function_hash":"113269246220345807028762452177490341681", "length":117}, "id":"ASB-A-172322502-fac1a50b", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/apps/ManagedProvisioning/+/e2e7db03f6629a049d7f9a255b1238182b104435", "target":{"file":"src/com/android/managedprovisioning/finalization/FinalizationActivity.java", "function":"onCreate"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2021-04-01"}]}