CVE-2022-20359

Опубликовано: 10 авг. 2022

Источник: nvd

Описание

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none

Связанные уязвимости

GHSA-cj4c-4fjr-x468

CVSS3: 3.3

github

больше 3 лет назад

In various methods of NotificationManagerService.java, there is a possible way to view notifications while lockdown is enabled due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-173721373