Lucene search

Google_androidCVE-2022-20327

HistoryAug 12, 2022 - 3:15 p.m.

CVE-2022-20327

2022-08-1215:15:12

CWE-862

google_android

web.nvd.nist.gov

cve-2022-20327

wi-fi

information disclosure

android

nvd

security vulnerability

CVSS3

2.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

AI Score

3.7

Confidence

High

EPSS

Percentile

5.1%

JSON

In Wi-Fi, there is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-185126813

Affected configurations

Nvd

Vulners

Node

googleandroidMatch13.0

VendorProductVersionCPE
googleandroid13.0cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
google	android	13.0	cpe:2.3:o:google:android:13.0:::::::*

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android-13"
      }
    ]
  }
]

References

source.android.com/security/bulletin/android-13

Social References

CVSS3

2.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N

AI Score

3.7

Confidence

High

EPSS

Percentile

5.1%

JSON

Related for CVE-2022-20327