Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistGoogle_androidCVELIST:CVE-2022-20419
HistoryOct 11, 2022 - 12:00 a.m.

CVE-2022-20419

2022-10-1100:00:00
google_android
www.cve.org
android
activityrecord
logic error
local privilege escalation
no user interaction
code execution
cve-2022-20419

0.0004 Low

EPSS

Percentile

5.1%

JSON

In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-237290578

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Android",
    "versions": [
      {
        "version": "Android-12L Android-13",
        "status": "affected"
      }
    ]
  }
]

Related

nvd 1
osv 1
cve 1
prion 1
malwarebytes 1
nvd
nvd
CVE-2022-20419
2022-10-11 20:15:12
osv
osv
Launcher puts IApplicationThread inside ActivityOptions and it may be sent to launched app
2022-10-01 00:00:00
cve
cve
CVE-2022-20419
2022-10-11 20:15:12
prion
prion
Code injection
2022-10-11 20:15:00
malwarebytes
malwarebytes
Android vulnerabilities could allow arbitrary code execution
2022-10-07 01:45:00

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVELIST:CVE-2022-20419
nvd1osv1cve1prion1malwarebytes1