CVE-2022-20308Google Android vulnerability

3 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 34.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Google Android
Timeline
PublishedAug 12
Latest updateJul 31

Description

In hostapd, there is a possible insecure configuration due to an insecure default value. This could lead to remote denial of service of the wifi hotspot with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-197874458

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5google/androidAndroid-13
NVDgoogle/android13.0

🔴Vulnerability Details

1
GHSA
GHSA-xm8q-vm73-xhvp: In hostapd, there is a possible insecure configuration due to an insecure default value2022-08-13

📄Research Papers

1
arXiv
Microservice Vulnerability Analysis: A Literature Review with Empirical Insights2024-07-31