Google Android vulnerabilities

CVE-2022-20220 [HIGH] CWE-22 CVE-2022-20220: In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal e In openFile of CallLogProvider.java, there is a possible permission bypass due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-219015884

CVE-2022-20218 [HIGH] CWE-732 CVE-2022-20218: In PermissionController, there is a possible way to get and retain permissions without user's consen In PermissionController, there is a possible way to get and retain permissions without user's consent due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-223907044

CVE-2022-20234 [HIGH] CWE-732 CVE-2022-20234: In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessCo In Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make users enable notification access permission for the malicious app. That i

CVE-2022-20212 [HIGH] CWE-1021 CVE-2022-20212: In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjackin In wifi.RequestToggleWifiActivity of AndroidManifest.xml, there is a possible EoP due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11Android ID: A-182282630

CVE-2022-20223 [HIGH] CWE-610 CVE-2022-20223: In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start In assertSafeToStartCustomActivity of AppRestrictionsFragment.java, there is a possible way to start a phone call without permissions due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11

CVE-2022-20221 [MEDIUM] CWE-125 CVE-2022-20221: In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to impro In avrc_ctrl_pars_vendor_cmd of avrc_pars_ct.cc, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12

CVE-2022-20225 [MEDIUM] CWE-862 CVE-2022-20225: In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive i In getSubscriptionProperty of SubscriptionController.java, there is a possible read of a sensitive identifier due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 And

CVE-2022-20219 [MEDIUM] CWE-312 CVE-2022-20219: In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible In multiple functions of StorageManagerService.java and UserManagerService.java, there is a possible way to leave user's directories unencrypted due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: An

CVE-2022-20230 [MEDIUM] CWE-116 CVE-2022-20230: In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due In choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID:

CVE-2022-20228 [MEDIUM] CWE-416 CVE-2022-20228: In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use af In various functions of C2DmaBufAllocator.cpp, there is a possible memory corruption due to a use after free. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213850092

CVE-2022-20226 [LOW] CWE-1021 CVE-2022-20226: In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper In finishDrawingWindow of WindowManagerService.java, there is a possible tapjacking due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213644870

CVE-2022-33695 [HIGH] CWE-732 CVE-2022-33695: Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorize Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service.

CVE-2022-30754 [HIGH] CWE-20 CVE-2022-30754: Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows at Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker.

CVE-2022-33704 [HIGH] CWE-20 CVE-2022-33704: Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 all Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.

CVE-2022-33703 [HIGH] CWE-20 CVE-2022-33703: Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attack Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.

CVE-2022-30755 [HIGH] CWE-287 CVE-2022-30755: Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to Improper authentication vulnerability in AppLock prior to SMR Jul-2022 Release 1 allows attacker to bypass password confirm activity by hijacking the implicit intent.

CVE-2022-30756 [HIGH] CWE-20 CVE-2022-30756: Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attac Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder.

CVE-2022-33691 [MEDIUM] CWE-367 CVE-2022-33691: A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow lo A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow local attackers to interleave malicious operations.

CVE-2022-33702 [MEDIUM] CWE-285 CVE-2022-33702: Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attac Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset.

CVE-2022-30758 [MEDIUM] CWE-276 CVE-2022-30758: Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attac Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to access some protected information with privilege of Finder.