CVE-2022-20133
Description
In setDiscoverableTimeout of AdapterService.java, there is a possible bypass of user interaction due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-206807679
Related CPE's
CvssV3 impact
Could not find any metrics
CvssV2 impact
AccessComplexity | LOW |
ConfidentialityImpact | COMPLETE |
AvailabilityImpact | COMPLETE |
IntegrityImpact | COMPLETE |
BaseScore | 7.199999809265137 |
VectorString | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Version | 2.0 |
AccessVector | LOCAL |
Authentication | NONE |