cvedb.io
CVE-2017-0388
MEDIUM · CVSS 5.5
EPSS exploitation probability: 0%
Published 2017-01-12T20:59:02.187 · Last modified 2026-06-17T00:57:37.117

Summary

An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-32523490.

Affected products

google — android

Does this affect you?

Add your gear to cvedb and we'll alert you only when google ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.