CVE-2022-20453

Name of the Vulnerable Software and Affected Versions Android versions Android-10 through Android-13

Description The issue is related to a path traversal error in the update of MmsProvider.java, which could lead to a constriction of directory permissions. This might cause a local denial of service of SIM recognition, and it does not require additional execution privileges. User interaction is necessary for exploitation.

Recommendations For Android versions Android-10 through Android-13, consider restricting access to the MmsProvider.java module to minimize the risk of exploitation until a patch is available.