CVE-2014-0900

The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
ibmCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 37%
VendorProductVersion
googleandroid
𝑥
≤ 4.4.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/
https://securityintelligence.com/how-to-cheat-your-mdm-compliance-without-a-password/