CVE-2022-22266 — Improper Privilege Management in Mobile Devices
Severity
3.3LOWNVD
CNA4.0
EPSS
0.0%
top 95.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 10
Latest updateJan 11
Description
(Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untrusted applications to get WiFi information without proper permission.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:NExploitability: 1.8 | Impact: 1.4
Affected Packages2 packages
🔴Vulnerability Details
2GHSA▶
GHSA-pg92-m2x5-jm39: (Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untruste↗2022-01-11
CVEList▶
CVE-2022-22266: (Applicable to China models only) Unprotected WifiEvaluationService in TencentWifiSecurity application prior to SMR Jan-2022 Release 1 allows untruste↗2022-01-07