2.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
CPE | Name | Operator | Version |
---|---|---|---|
platform/packages/modules/wifi | eq | 12L | |
platform/frameworks/base | eq | 12L | |
platform/packages/modules/wifi | eq | 12 | |
platform/frameworks/base | eq | 12 |
android.googlesource.com/platform/frameworks/base/+/530407c903c3b06c6bd0a423937531f95eb116ae
android.googlesource.com/platform/frameworks/base/+/61c2d0291bd5b9b39a1d7db7454b3d7c630e7de9
android.googlesource.com/platform/frameworks/base/+/cad40dc9b13596b85df5a41b25fc07c0854dc65a
android.googlesource.com/platform/packages/modules/Wifi/+/bb99dc7a9e5c6b14f672ee12c6e4093803b8b915
source.android.com/security/bulletin/2022-12-01
2.3 Low
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
6.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%