exploitDog

CVE-2022-20271

Опубликовано: 12 авг. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

In PermissionController, there is a possible way to grant some permissions without user consent due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-207672635

Ссылки

https://source.android.com/security/bulletin/android-13
Vendor Advisory
https://source.android.com/security/bulletin/android-13
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00014

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-vm2m-5jfc-whq2

CVSS3: 7.8

github

больше 3 лет назад

In PermissionController, there is a possible way to grant some permissions without user consent due to misleading or insufficient UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-207672635

EPSS

Процентиль: 2%

0.00014

Низкий

7.8 High

CVSS3

Дефекты

NVD-CWE-noinfo