2 matches found
CVE-2022-26429
In cta, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07025415; Issue ID:...
CVE-2022-26429
CVE-2022-26429 concerns a missing permission check in the cta component, enabling an app to write permission usage records. This constitutes a local privilege escalation vulnerability with a LOCAL attack vector, LOW privileges required, and NO user interaction needed. The NVD entry cites a patch ...