2 matches found
CVE-2022-20446
In AlwaysOnHotwordDetector of AlwaysOnHotwordDetector.java, there is a possible way to access the microphone from the background due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2022-20446
CVE-2022-20446 affects Android Framework (AlwaysOnHotwordDetector). The issue is a missing permission check that allows background microphone access, enabling local privilege escalation with no user interaction. Public docs in the Android bulletin assign this as a Framework EoP issue at patch lev...