Lucene search
Google_androidCVELIST:CVE-2022-20124HistoryJun 15, 2022 - 12:00 a.m.
CVE-2022-20124
2022-06-1500:00:00
google_android
www.cve.org
2
android
deletepackagehelper.java
local privilege escalation
permissions bypass
guest user
EPSS
0
Percentile
5.1%
In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-170646036
CNA Affected
[
{
"vendor": "n/a",
"product": "Android",
"versions": [
{
"version": "Android-10 Android-11 Android-12 Android-12L Android-13",
"status": "affected"
}
]
}
]Related
cnvd
cnvd
cve
cve
CVE-2022-20124
2022-06-15 13:15:08
prion
prion
Design/Logic Flaw
2022-06-15 13:15:00
osv
osv
Broken Permission Check
2022-12-01 00:00:00
nvd
nvd
CVE-2022-20124
2022-06-15 13:15:08