Lucene search

K
osvGoogleOSV:ASB-A-244423101
HistoryFeb 01, 2023 - 12:00 a.m.

Bypass fix of CVE-2022-20347: Making bluetooth discoverable via SettingsIntelligence#SliceDeepLinkTrampoline to start Settings#BluetoothDashboardFragment

2023-02-0100:00:00
Google
osv.dev
8
cve-2022-20347
bluetooth
permission bypass
bluetoothswitchpreferencecontroller.java
remote escalation

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.001

Percentile

46.7%

In onStart of BluetoothSwitchPreferenceController.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

8.1

Confidence

High

EPSS

0.001

Percentile

46.7%