CVE-2022-20533

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description A missing permission check in the getSlice function of WifiSlice.java allows for a possible connection to a new WiFi network from guest mode. This could lead to local escalation of privilege without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android version Android-13, consider restricting access to the WifiSlice.java module to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the guest mode may help mitigate the issue.