CVE-2021-0567 – This vulnerability allows local privilege escal... (How to Fix)

📋 TL;DR

This vulnerability allows local privilege escalation on Android 11 devices by bypassing font file injection restrictions in RemoteViews.java. Attackers can exploit this without user interaction to gain elevated privileges. Only Android 11 devices are affected.

💻 Affected Systems

Products:

Android

Versions: Android 11 only

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects Android 11; earlier and later versions are not vulnerable

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete device compromise allowing installation of malicious apps, data theft, and persistence

🟠

Likely Case

Local privilege escalation enabling unauthorized access to system resources and sensitive data

🟢

If Mitigated

No impact if patched or on non-Android 11 devices

🌐 Internet-Facing: LOW - Requires local access to device

🏢 Internal Only: HIGH - Can be exploited by malicious apps or users with physical access

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access but no user interaction; exploit details not publicly available

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level 2021-06-01 or later

Vendor Advisory: https://source.android.com/security/bulletin/pixel/2021-06-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > Advanced > System update
2. Install Android Security Patch Level 2021-06-01 or later
3. Reboot device after installation

🔧 Temporary Workarounds

Disable unknown sources

android

Prevent installation of apps from unknown sources to reduce attack surface

Settings > Security > Install unknown apps > Disable for all apps

🧯 If You Can't Patch

Restrict physical access to devices
Implement mobile device management (MDM) with strict app installation policies

🔍 How to Verify

Check if Vulnerable:

Check Settings > About phone > Android version (if Android 11) and Security patch level (if before 2021-06-01)

Check Version:

adb shell getprop ro.build.version.release && adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Security patch level is 2021-06-01 or later in Settings > About phone

📡 Detection & Monitoring

Log Indicators:

Unusual font file operations in system logs
Privilege escalation attempts

Network Indicators:

None - local exploit only

SIEM Query:

Not applicable for local Android device exploits

📊 Metadata

CVE ID: CVE-2021-0567

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-74

Published: June 22, 2021

Last Updated: November 21, 2024

🔗 References

https://source.android.com/security/bulletin/pixel/2021-06-01 Vendor Advisory
https://source.android.com/security/bulletin/pixel/2021-06-01 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-0567, you might also want to check these: