CVE-2022-20533
- EPSS 0.11%
- Veröffentlicht 16.12.2022 16:15:17
- Zuletzt bearbeitet 18.04.2025 16:15:17
In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interact...
CVE-2022-20199
- EPSS 0.12%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:22
In multiple locations of NfcService.java, there is a possible disclosure of NFC tags due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploita...
CVE-2022-20503
- EPSS 0.16%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:22
In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. ...
CVE-2022-20504
- EPSS 0.17%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:22
In multiple locations of DreamManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and dismissal of system dialogs with User execution privileges needed. User interaction is not needed for exploit...
CVE-2022-20505
- EPSS 0.13%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:22
In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitationProduct: ...
CVE-2022-20506
- EPSS 0.16%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:22
In onCreate of WifiDialogActivity.java, there is a missing permission check. This could lead to local escalation of privilege from a guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: A...
CVE-2022-20507
- EPSS 0.17%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:22
In onMulticastListUpdateNotificationReceived of UwbEventManager.java, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User in...
CVE-2022-20508
- EPSS 0.12%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:23
In onAttach of ConfigureWifiSettings.java, there is a possible way for a guest user to change WiFi settings due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction...
CVE-2022-20509
- EPSS 0.17%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:23
In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...
CVE-2022-20510
- EPSS 0.11%
- Veröffentlicht 16.12.2022 16:15:16
- Zuletzt bearbeitet 21.04.2025 14:15:23
In getNearbyNotificationStreamingPolicy of DevicePolicyManagerService.java, there is a possible way to learn about the notification streaming policy of other users due to a permissions bypass. This could lead to local information disclosure with no a...