3 matches found
CVE-2022-20441
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
CVE-2022-20441
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not...
CVE-2022-20441
CVE-2022-20441 affects Android 10–13, originating from a logic error in Task.java: navigateUpTo can launch an unexported intent handler, enabling local elevation of privilege if the target app uses an intent trampoline. The vulnerability is described as requiring local access with no additional e...