{"api_version":"1","generated_at":"2026-04-23T04:10:53+00:00","cve":"CVE-2021-0592","urls":{"html":"https://cve.report/CVE-2021-0592","api":"https://cve.report/api/cve/CVE-2021-0592.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2021-0592","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2021-0592"},"summary":{"title":"CVE-2021-0592","description":"In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-188061006","state":"PUBLIC","assigner":"security@android.com","published_at":"2021-07-14 14:15:00","updated_at":"2021-07-16 19:54:00"},"problem_types":["CWE-787"],"metrics":[],"references":[{"url":"https://source.android.com/security/bulletin/2021-07-01","name":"https://source.android.com/security/bulletin/2021-07-01","refsource":"MISC","tags":[],"title":"Android Security Bulletin—July 2021  |  Android Open Source Project","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.cve.org/CVERecord?id=CVE-2021-0592","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2021-0592","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2021","cve_id":"592","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2021-0592","qid":"610352","title":"Google Android Devices July 2021 Security Patch Missing"},{"cve":"CVE-2021-0592","qid":"610359","title":"Google Android August 2021 Security Patch Missing for LGE"},{"cve":"CVE-2021-0592","qid":"610360","title":"Google Android August 2021 Security Patch Missing for Samsung"}]},"source_records":{"cve_program":{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ID":"CVE-2021-0592","ASSIGNER":"security@android.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"n/a","product":{"product_data":[{"product_name":"Android","version":{"version_data":[{"version_value":"Android SoC"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Elevation of privilege"}]}]},"references":{"reference_data":[{"refsource":"MISC","name":"https://source.android.com/security/bulletin/2021-07-01","url":"https://source.android.com/security/bulletin/2021-07-01"}]},"description":{"description_data":[{"lang":"eng","value":"In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-188061006"}]}},"nvd":{"publishedDate":"2021-07-14 14:15:00","lastModifiedDate":"2021-07-16 19:54:00","problem_types":["CWE-787"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":8.8,"baseSeverity":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":9.3},"severity":"HIGH","exploitabilityScore":8.6,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2021","CveId":"592","Ordinal":"190294","Title":"CVE-2021-0592","CVE":"CVE-2021-0592","Year":"2021"},"notes":[{"CveYear":"2021","CveId":"592","Ordinal":"1","NoteData":"In various functions in WideVine, there are possible out of bounds writes due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-188061006","Type":"Description","Title":null},{"CveYear":"2021","CveId":"592","Ordinal":"2","NoteData":"2021-07-14","Type":"Other","Title":"Published"},{"CveYear":"2021","CveId":"592","Ordinal":"3","NoteData":"2021-07-14","Type":"Other","Title":"Modified"}]}}}