PT-2022-18626 · Google · Android
Published
2022-04-11
·
Updated
2022-09-09
·
CVE-2022-27837
CVSS v2.0
9.3
High
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions prior to 12.5.3.2 in Android R(11.0)
Android versions prior to 13.0.1.1 in Android S(12.0)
Description
A vulnerability using PendingIntent in Accessibility allows an attacker to access files with system privilege.
Recommendations
For Android R(11.0) versions prior to 12.5.3.2, update to version 12.5.3.2 or later.
For Android S(12.0) versions prior to 13.0.1.1, update to version 13.0.1.1 or later.
Fix
Code Injection
Files Accessible to External Parties
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Android