CVE-2022-20512

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description The issue is related to improper input validation in the navigateUpTo function of Task.java, which could allow launching an intent handler with a mismatched intent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not required for exploitation.

Recommendations For Android version Android-13, consider restricting the use of the navigateUpTo function in Task.java until a patch is available. As a temporary workaround, review and validate all intent handlers to prevent potential mismatches.