CVE-2022-20251

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description The issue concerns a side channel information disclosure in LocaleManager, allowing an attacker to determine if an app is installed without requiring query permissions. This could lead to local information disclosure, and no additional execution privileges are needed for exploitation. User interaction is not required for this issue to be exploited.

Recommendations For Android version Android-13, consider restricting access to sensitive information until a fix is available. As a temporary workaround, avoid using the LocaleManager functionality to minimize the risk of information disclosure. At the moment, there is no information about a newer version that contains a fix for this issue.