CVE-2022-20125

Description

In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-194402515

Related CPE's

o google android 10.0 *******

o google android 11.0 *******

o google android 12.0 *******

o google android 12.1 *******

References

https://source.android.com/security/bulletin/2022-06-01

Vendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

AccessComplexity	LOW
ConfidentialityImpact	COMPLETE
AvailabilityImpact	COMPLETE
IntegrityImpact	COMPLETE
BaseScore	7.199999809265137
VectorString	AV:L/AC:L/Au:N/C:C/I:C/A:C
Version	2.0
AccessVector	LOCAL
Authentication	NONE

Created by Yello

About Severity.io