Google: >> Android >> 10.0 Security Vulnerabilities
In addAutomaticZenRule of ZenModeHelper.java, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242537431
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-28
In multiple files, there is a possible way to preserve WiFi settings due to residual data after a reset. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-241927115
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-28
In onCreatePreferences of EditInfoFragment.java, there is a possible way to read contacts belonging to other users due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-248251018
CVSS Score
3.3
EPSS Score
0.0
Published
2023-02-28
In several functions of MediaCodec.cpp, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-245860753
CVSS Score
7.8
EPSS Score
0.0
Published
2023-02-28
In clearApplicationUserData of ActivityManagerService.java, there is a possible way to remove system files due to a path traversal error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-240267890
CVSS Score
7.8
EPSS Score
0.0
Published
2023-02-28
In run of ChooseTypeAndAccountActivity.java, there is a possible escalation of privilege due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-244154558
CVSS Score
7.8
EPSS Score
0.0
Published
2023-02-28
The framework service handles pendingIntent incorrectly, allowing a malicious application with certain privileges to perform privileged actions.
CVSS Score
5.6
EPSS Score
0.003
Published
2023-02-17
In wlan driver, there is a possible missing permission check. This could lead to local information disclosure.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12
In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-02-12