2 matches found
CVE-2022-20248
In Settings, there is a possible way to connect to an open network bypassing DISALLOWCONFIGWIFI restriction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2022-20248
CVE-2022-20248 affects Android 13 where a logic error in the Settings code can bypass DISALLOW_CONFIG_WIFI, enabling a local escalation of privilege to connect to an open network without user interaction. Affected component: Settings; impact: local Privilege Elevation with High confidentiality/in...