PT-2022-23670 · Google · Android
Published
2022-09-09
·
Updated
2022-09-21
·
CVE-2022-36866
CVSS v3.1
4.0
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Broadcaster in Group Sharing versions prior to 13.0.6.15 in Android S(12)
Broadcaster in Group Sharing versions prior to 13.0.6.14 in Android R(11) and below
Description
The issue is related to improper access control, allowing attackers to identify the device. This is a problem in the Broadcaster component of Group Sharing.
Recommendations
For versions prior to 13.0.6.15 in Android S(12), update to version 13.0.6.15 or later.
For versions prior to 13.0.6.14 in Android R(11) and below, update to version 13.0.6.14 or later.
Fix
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android