PT-2022-16396 · Google · Wear Os

Published

2022-02-11

Updated

2022-02-22

CVE-2022-23995

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Name of the Vulnerable Software and Affected Versions Wear OS version 3.0 prior to Firmware update Feb-2022 Release

Description The issue concerns an unprotected component vulnerability in the StBedtimeModeAlarmReceiver. This vulnerability allows untrusted applications to change bedtime mode without proper permission.

Recommendations For Wear OS version 3.0, apply the Firmware update Feb-2022 Release to resolve the issue.

Fix

Improper Access Control

Incorrect Default Permissions

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-276

Related Identifiers

CVE-2022-23995

Affected Products

Wear Os

PT-2022-16396 · Google · Wear Os

CVE-2022-23995

Weakness Enumeration

Related Identifiers

Affected Products

References · 4