CVE-2022-20339 — Sensitive Information Exposure in Google Android
2 documents2 sources
Severity
3.3LOWNVD
EPSS
0.0%
top 96.53%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedAug 12
Latest updateAug 13
Description
In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-171572148
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4
Affected Packages2 packages
🔴Vulnerability Details
1GHSA▶
GHSA-fwrj-wmpm-6349: In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration↗2022-08-13