CVE-2022-20216

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue concerns the android exported setting used for third-party app access permissions, where the default value of intent-filter is true. Specifically, com.sprd.firewall has its exported value set to true. This could potentially allow unauthorized access to certain features or data.

Recommendations For Android versions prior to the fixed version, consider restricting access to the com.sprd.firewall component to minimize the risk of exploitation. As a temporary workaround, review and adjust the intent-filter settings to ensure that only necessary permissions are granted to third-party apps. At the moment, there is no information about a newer version that contains a fix for this vulnerability.