Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-20398

Sept. 13, 2022, 8:15 p.m. |

National Vulnerability Database nist.gov

In addOrUpdateNetwork of WifiServiceImpl.java, there is a possible way for a guest user to configure Wi-Fi due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-221859734

android cve

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Information Security Analyst

@ Metropolitan Transportation Commission | San Francisco, CA

Senior Professional Services Consultant I

@ Palo Alto Networks | New York City, United States

Senior Consultant, Security Research Services (Security Research Services (Unit 42) - Remote

@ Palo Alto Networks | Santa Clara, CA, United States

Software Architect – Endpoint Security

@ Zscaler | San Jose, CA, United States

Chief Information Security Officer H/F

@ AccorCorpo | Évry-Courcouronnes, France

Director of Security Engineering & Compliance

@ TaxBit | Washington, District of Columbia, United States

Principal, Product Security Architect

@ Western Digital | San Jose, CA, United States

IT Security Lead Consultant

@ Devoteam | Praha 1, Czech republic