2 matches found
CVE-2022-20121
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android...
CVE-2022-20121
CVE-2022-20121 describes an information-disclosure vulnerability in Android related to the USCCDMPlugin/USCCDMService. The root cause is a missing permission check in getNodeValue of USCCDMPlugin.java, enabling local disclosure of ICCID with no extra execution privileges and without user interact...