2 matches found
CVE-2022-20360
In setChecked of SecureNfcPreferenceController.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10...
CVE-2022-20360
CVE-2022-20360 involves a missing permission check in the Android component SecureNfcPreferenceController.java (method setChecked), allowing local privilege escalation from the guest user without extra execution privileges. Affected products include Android 10, 11, 12, and 12L. The provided docum...