PT-2023-12638 · Google · Android

Published 2023-01-24 · Updated 2025-04-01 · CVE-2022-20214

CVSS v3.1

4.7 Medium

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Android versions 10 through 12

Description

A tapjacking vulnerability in the In Car Settings app affects the toggle button in Modify system settings. An attacker can overlay the toggle button, enabling apps to modify system settings without user consent.

Recommendations

For Android versions 10 through 12, consider disabling the Modify system settings toggle button in the In Car Settings app as a temporary workaround until a patch is available. Restrict access to system settings modifications to minimize the risk of exploitation.

Fix

Clickjacking

Weakness Enumeration

Related Identifiers

CVE-2022-20214

Affected Products

Android