CVE-2021-0511

CVSS v3 base score: 7.8 (HIGH)

📋 TL;DR

An attacker with code execution on the device (typically a malicious or compromised app) can inject bytecode into an Android app while dex2oat, the ART ahead-of-time compiler, compiles that app, so that attacker-controlled code runs with the target app's privileges. The result is local privilege escalation. Android 9, 10 and 11 are affected; no user interaction is required.

💻 Affected Systems

Products:
  • Android
Versions: Android 9, 10, 11
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is in dex2oat, the ART ahead-of-time compiler that runs during app installation and background optimization.

📦 What is this software?

dex2oat is the ahead-of-time compiler of the Android Runtime (ART). It is invoked when an app is installed or updated and during background optimization, and translates the app's DEX bytecode into optimized OAT files that are later loaded and executed inside the app's own process. Anything an attacker can smuggle into its output therefore runs with that app's identity and permissions.
⚠️ Risk & Real-World Impact

🔴 Worst Case

The injected code is compiled into a highly privileged app, and the attacker uses that foothold to reach system-level privileges, compromising the whole device and its data.

🟠 Likely Case

Local privilege escalation: a low-privileged app gets arbitrary code executed with the permissions of another, more privileged app.

🟢 If Mitigated

With the June 2021 (or later) security patch applied, the vulnerable dex2oat code is replaced and the issue is closed. Devices that cannot be patched keep the full local-EoP risk; the workarounds below only limit which apps can reach the device, they do not fix the compiler.

🌐 Internet-Facing: LOW - This is a local privilege escalation vulnerability requiring local access to the device.
🏢 Internal Only: HIGH - Any malicious or compromised app already on the device, including one sideloaded by a user, can use this to gain elevated privileges.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires code execution on the device (for example a malicious or compromised app) and a way to get a target app installed, updated or recompiled. The 7.8 base score reflects a local, low-privilege attack with no user interaction.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch June 2021 or later

Vendor Advisory: https://source.android.com/security/bulletin/2021-06-01

Restart Required: Yes

Instructions:

1. Check for system updates under Settings > System > Advanced > System update (the exact menu path varies by OEM and Android version).
2. Install the June 2021 or later security patch.
3. Reboot the device after installation, then confirm the security patch level under Settings > About phone.

🔧 Temporary Workarounds

Restrict app installations

Only install apps from trusted sources such as Google Play and block sideloading from unknown sources:

Settings > Security > Install unknown apps > Disable for all apps

This lowers the chance that a malicious app reaches the device. It does not fix dex2oat, does not help against an app that is already installed, and does not stop installation over adb while USB debugging is enabled.

🧯 If You Can't Patch

  • Implement strict app installation policies and only allow apps from trusted sources
  • Use mobile device management (MDM) solutions to monitor and control device security

🔍 How to Verify

Check if Vulnerable:

A device is vulnerable if it runs Android 9, 10 or 11 and its Android security patch level is earlier than 2021-06-01. Android 12 and later are outside the affected range.

Check Version:

Settings > About phone > Android version (tap it to see the security patch level). From a workstation with USB debugging enabled: adb shell getprop ro.build.version.release and adb shell getprop ro.build.version.security_patch.

Verify Fix Applied:

The Android security patch level under Settings > About phone reads 2021-06-01 or later. Patch levels are dates in YYYY-MM-DD form, so a plain date comparison is enough.
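The version and patch-level check above, as an added example that is not code from the advisory or from Android: a POSIX shell script that decides from the two standard system properties whether a device is in the affected range. The function names and the sample values are constructed for illustration; run it with --device to read the real values from a device attached over adb.

```shell
#!/bin/sh
# Added example, not part of the Android advisory: decide from the release
# string and the security patch level whether a device is in the range
# affected by CVE-2021-0511 (Android 9/10/11, patch level before 2021-06-01).
# The property names are the standard Android ones; the function names are ours.

# Exit status 0 = vulnerable, 1 = not affected.
#   $1 = ro.build.version.release        (e.g. "11" or "10.0.1")
#   $2 = ro.build.version.security_patch (e.g. "2021-05-05")
cve_2021_0511_vulnerable() {
    major="${1%%.*}"                     # "10.0.1" -> "10"
    case "$major" in
        9|10|11) ;;                      # affected releases
        *) return 1 ;;                   # anything else is outside the range
    esac
    spl_num=$(printf '%s' "$2" | tr -d '-')   # "2021-05-05" -> "20210505"
    case "$spl_num" in
        ''|*[!0-9]*) return 0 ;;         # missing or malformed: fail closed
    esac
    [ "$spl_num" -lt 20210601 ]          # patched at 2021-06-01 or later
}

# One-line verdict for a report.
cve_2021_0511_verdict() {
    if cve_2021_0511_vulnerable "$1" "$2"; then
        echo "VULNERABLE: Android $1, security patch level ${2:-unknown}"
    else
        echo "not affected: Android $1, security patch level ${2:-unknown}"
    fi
}

if [ "${1:-}" = "--device" ]; then
    # Read the real values from the device attached over adb. The CR is
    # stripped because adb shell output carries a trailing \r on some hosts.
    rel=$(adb shell getprop ro.build.version.release | tr -d '\r')
    spl=$(adb shell getprop ro.build.version.security_patch | tr -d '\r')
    cve_2021_0511_verdict "$rel" "$spl"
else
    # Constructed sample values for an offline run.
    cve_2021_0511_verdict 11 2021-05-05      # vulnerable
    cve_2021_0511_verdict 11 2021-06-05      # patched
    cve_2021_0511_verdict 8.1.0 2018-01-05   # outside affected range
    cve_2021_0511_verdict 12 2021-10-05      # outside affected range
fi
```

A missing or malformed patch level is treated as vulnerable on purpose: a device that cannot report its patch level should be investigated, not silently marked as fixed.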

📡 Detection & Monitoring

Log Indicators:

  • dex2oat and installd entries in logcat (adb logcat -d | grep -iE 'dex2oat|installd') showing compilation failures, or compilation of an app that was not being installed or updated at the time

Network Indicators:

  • Not applicable: the flaw is exploited locally and generates no network traffic of its own

SIEM Query:

No host log reliably signals exploitation of this flaw. For a managed fleet, the actionable query runs against MDM inventory: Android devices whose major OS version is 9, 10 or 11 and whose reported security patch level is earlier than 2021-06-01.

🔗 References

  • Android Security Bulletin, June 2021: https://source.android.com/security/bulletin/2021-06-01
  • NVD entry: https://nvd.nist.gov/vuln/detail/CVE-2021-0511
