Google: >> Android >> 10.0 Security Vulnerabilities
In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242704043
CVSS Score
7.8
EPSS Score
0.0
Published
2023-01-26
In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183794206
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-26
In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242703780
CVSS Score
7.8
EPSS Score
0.0
Published
2023-01-26
In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due to a tapjacking/overlay attack. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183410508
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-26
In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210
CVSS Score
4.7
EPSS Score
0.001
Published
2023-01-26
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04
In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-01-04