CVE-2022-20208

Name of the Vulnerable Software and Affected Versions Android versions Android-12L

Description In the parseRecursively function of cppbor parse.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android version Android-12L, update to a version that includes the fix for the issue in cppbor parse.cpp. As a temporary workaround, consider restricting access to sensitive information to minimize the risk of exploitation.