CVE-2022-20327

Name of the Vulnerable Software and Affected Versions Android version 13

Description There is a possible way to retrieve the WiFi SSID without location permissions due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation.

Recommendations For Android version 13, consider restricting access to WiFi SSID retrieval functions until a patch is available. As a temporary workaround, review and restrict applications that request location permissions to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.