CVE-2021-0468

MEDIUM Year: 2021
CVSS v3 Score
6.6
Medium
CVSS v2 Score
4.4
Medium
Weakness Type
CWE-1188
View all →

Vulnerability Description

In LK, there is a possible escalation of privilege due to an insecure default value. This could lead to local escalation of privilege for an attacker who has physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-180427272

Related Vulnerabilities

CVE-2018-10989

MEDIUM
CVSS:6.6(Medium)

Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 devices are distributed by some ISPs with a default password of "password" for the admin account that is used over an unencrypted http://192.168.0....

CWE-11882018

CVE-2020-12732

MEDIUM
CVSS:6.5(Medium)

DEPSTECH WiFi Digital Microscope 3 has a default SSID of Jetion_xxxxxxxx with a password of 12345678.

CWE-11882020

CVE-2021-41192

MEDIUM
CVSS:6.5(Medium)

Redash is a package for data visualization and sharing. If an admin sets up Redash versions 10.0.0 and prior without explicitly specifying the `REDASH_COOKIE_SECRET` or `REDASH_SECRET_KEY` environment...

CWE-11882021

CVE-2022-32480

MEDIUM
CVSS:6.5(Medium)

Dell PowerScale OneFS, versions 9.0.0, up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an insecure default initialization of a resource vulnerability. A remote authenticated atta...

CWE-11882022

CVE-2023-31101

MEDIUM
CVSS:6.5(Medium)

Insecure Default Initialization of Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.5.0 through 1.6.0. Users registered in InLong who joined ...

CWE-11882023

CVE-2023-5368

MEDIUM
CVSS:6.5(Medium)

On an msdosfs filesystem, the 'truncate' or 'ftruncate' system calls under certain circumstances populate the additional space in the file with unallocated data from the underlying disk device, rather...

CWE-11882023