In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-179699767
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://source.android.com/security/bulletin/2022-05-01 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2022-05-10T19:55:23
Updated: 2024-08-03T01:55:46.089Z
Reserved: 2021-10-06T00:00:00
Link: CVE-2022-20004
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-05-10T20:15:08.850
Modified: 2023-08-08T14:21:49.707
Link: CVE-2022-20004
Redhat
No data.