exploitDog

CVE-2022-42544

Опубликовано: 16 дек. 2022

Источник: nvd

CVSS3: 7.8

EPSS Низкий

Описание

In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545390

Ссылки

https://source.android.com/security/bulletin/pixel/2022-12-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2022-12-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00058

Низкий

7.8 High

CVSS3

Дефекты

CWE-74

CWE-74

Связанные уязвимости

GHSA-j2p8-g7vg-2chp

CVSS3: 7.8

github

около 3 лет назад

In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545390

EPSS

Процентиль: 18%

0.00058

Низкий

7.8 High

CVSS3

Дефекты

CWE-74

CWE-74