Lucene search

Google_androidCVELIST:CVE-2022-20210

HistoryJun 15, 2022 - 1:03 p.m.

CVE-2022-20210

2022-06-1513:03:08

google_android

www.cve.org

nas messages

modem crash

dos

rce

android soc

android id

parsing code

cve-2022-20210

AI Score

9.2

Confidence

High

EPSS

0.001

Percentile

43.7%

JSON

The UE and the EMM communicate with each other using NAS messages. When a new NAS message arrives from the EMM, the modem parses it and fills in internal objects based on the received data. A bug in the parsing code could be used by an attacker to remotely crash the modem, which could lead to DoS or RCE.Product: AndroidVersions: Android SoCAndroid ID: A-228868888

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android SoC"
      }
    ]
  }
]

References

source.android.com/security/bulletin/2022-06-01