CVE-2021-0336
📋 TL;DR
This vulnerability allows local attackers to bypass Bluetooth permission checks on Android devices by exploiting a mutable PendingIntent in the Bluetooth permission request handler. It affects Android devices running versions 8.1 through 11, requiring user execution privileges but no user interaction for exploitation.
💻 Affected Systems
- Android
📦 What is this software?
Android by Google
Android by Google
Android by Google
Android by Google
⚠️ Risk & Real-World Impact
Worst Case
An attacker with local access could gain elevated Bluetooth permissions, potentially accessing sensitive Bluetooth-connected devices or data without proper authorization.
Likely Case
Malicious apps could bypass Bluetooth permission controls to connect to Bluetooth devices or access Bluetooth data without user consent.
If Mitigated
With proper patching, the vulnerability is eliminated; without patching, limiting Bluetooth usage and app permissions reduces risk.
🎯 Exploit Status
Exploitation requires local access and execution privileges, but no user interaction is needed once the malicious app is installed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Android Security Bulletin February 2021 patches
Vendor Advisory: https://source.android.com/security/bulletin/2021-02-01
Restart Required: Yes
Instructions:
1. Apply the February 2021 Android security patch. 2. Update Android OS to the latest available version. 3. Restart the device after patching.
🔧 Temporary Workarounds
Disable Bluetooth when not in use
androidReduces attack surface by disabling Bluetooth functionality
Settings > Connected devices > Connection preferences > Bluetooth > Turn off
Restrict app permissions
androidReview and limit Bluetooth permissions for installed applications
Settings > Apps > [App Name] > Permissions > Bluetooth > Deny
🧯 If You Can't Patch
- Disable Bluetooth functionality completely in device settings
- Implement strict app installation policies and only install apps from trusted sources
🔍 How to Verify
Check if Vulnerable:
Check Android version in Settings > About phone > Android version. If version is 8.1, 9, 10, or 11 and security patch level is before February 2021, the device is vulnerable.Check Version:
Settings > About phone > Android versionVerify Fix Applied:
Verify Android security patch level is February 2021 or later in Settings > About phone > Android security patch level.📡 Detection & Monitoring
Log Indicators:
- Unusual Bluetooth permission requests in system logs
- Bluetooth permission bypass attempts
Network Indicators:
- Unexpected Bluetooth connections from unauthorized apps
SIEM Query:
Search for Bluetooth permission events with suspicious source applications in Android system logs