Login Sign Up

CVE-2021-0591

7.3 HIGH

📋 TL;DR

This vulnerability allows a malicious app on an Android device to send privileged broadcast intents, potentially gaining elevated permissions. It affects Android devices running versions 8.1 through 11, requiring user interaction for exploitation.

💻 Affected Systems

Products:
  • Android
Versions: Android 8.1, 9, 10, 11
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Affects devices with the default BluetoothPermissionActivity component; user interaction is required for exploitation.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Local privilege escalation leading to unauthorized access to sensitive device functions or data.

🟠

Likely Case

Malicious app gaining additional permissions to access restricted features like Bluetooth or location data.

🟢

If Mitigated

Limited impact if devices are patched or have strict app permissions, preventing unauthorized intent broadcasts.

🌐 Internet-Facing: LOW, as exploitation requires local app installation and user interaction, not direct internet exposure.
🏢 Internal Only: MEDIUM, as it could be exploited by malicious apps within an organization's device fleet, but requires user interaction.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires a malicious app to be installed and user interaction, making it moderately complex.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Bulletin August 2021 patches

Vendor Advisory: https://source.android.com/security/bulletin/2021-08-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in device settings. 2. Install the August 2021 security patch or later. 3. Restart the device after installation.

🔧 Temporary Workarounds

Disable Bluetooth or restrict app permissions

android

Reduce risk by disabling Bluetooth when not in use or limiting app permissions to prevent malicious intent broadcasts.

🧯 If You Can't Patch

  • Restrict installation of untrusted apps via device management policies.
  • Monitor for unusual app behavior or permission requests using mobile security tools.

🔍 How to Verify

Check if Vulnerable:

Check Android version in Settings > About phone > Android version; if it's 8.1 to 11 and not patched with August 2021 update, it may be vulnerable.

Check Version:

adb shell getprop ro.build.version.release

Verify Fix Applied:

Verify the Android security patch level is August 2021 or later in Settings > About phone > Android security patch level.

📡 Detection & Monitoring

Log Indicators:

  • Log entries showing unexpected broadcast intents from BluetoothPermissionActivity or permission escalation attempts.

Network Indicators:

  • None, as this is a local privilege escalation vulnerability.

SIEM Query:

Example: Search for logs with event IDs related to Bluetooth permission activities or app privilege changes on Android devices.

📊 Metadata

CVE ID: CVE-2021-0591
CVSS v3 Score: 7.3 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CWE: CWE-610
Published: August 17, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2021-0591, you might also want to check these:

CVE-2025-22144 9.8

This vulnerability in NamelessMC allows attackers with admincp.core.emails or admincp.users.edit per...

Same vulnerability type (CWE-610)
CVE-2021-44041 9.8

This vulnerability in UiPath Assistant allows attackers to execute arbitrary code or capture NTLM cr...

Same vulnerability type (CWE-610)
CVE-2021-41244 9.1

This vulnerability in Grafana allows organization administrators to access and modify users in other...

Same vulnerability type (CWE-610)