Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20396

Sept. 13, 2022, 8:15 p.m. |

National Vulnerability Database nist.gov

In SettingsActivity.java, there is a possible way to make a device discoverable over Bluetooth, without permission or user interaction, due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-234440688

android cve

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Information Security Analyst

@ Metropolitan Transportation Commission | San Francisco, CA

Manager, DT GRC (Governance, Risk, And compliance)

@ ServiceNow | Austin, Texas, United States

Associate Threat Intelligence Response Analyst

@ Recorded Future, Inc. | London, UK

Security Engineer - Product Security

@ Riot Games, Inc. | Los Angeles, USA

Senior DevSecOps Engineer - HYBRID

@ Sigma Defense | San Diego, California, United States

Senior Cloud Security Engineer (f/m/d)

@ ecosio | Vienna, Austria

Information Systems Security Manger (ISSM)

@ Scientific Systems Company, Inc. | Woburn, Massachusetts, United States

Cyber Assurance Manager

@ Tesco Bengaluru | Bengaluru, India