2 matches found
CVE-2022-20503
In onCreate of WifiDppConfiguratorActivity.java, there is a possible way for a guest user to add a WiFi configuration due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PT-2022-14716 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android version Android-13 Description: In the onCreate method of WifiDppConfiguratorActivity.java, a missing permission check allows a guest user to add a WiFi configuration. This could lead to local escalation of privilege without needing...