Open mend-bolt-for-github[bot] opened 1 year ago
mend-bolt-for-github[bot]
commented
1 year ago :heavy_check_mark: This issue was automatically closed by Mend because the vulnerable library in the specific branch(es) was either marked as ignored or it is no longer part of the Mend inventory.
mend-bolt-for-github[bot]
commented
1 year ago :information_source: This issue was automatically re-opened by Mend because the vulnerable library in the specific branch(es) has been detected in the Mend inventory.
CVE-2022-20529 - Low Severity Vulnerability
Library home page: https://android.googlesource.com/platform/packages/apps/Settings
Found in HEAD commit: 081b5699d08adc751bd29d01eff86bb13c550019
Found in base branch: master
In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege in wifi settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-231583603
Publish Date: 2022-12-16
URL: CVE-2022-20529
Base Score Metrics: - Exploitability Metrics: - Attack Vector: Physical - Attack Complexity: Low - Privileges Required: None - User Interaction: None - Scope: Unchanged - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: None - Availability Impact: None
For more information on CVSS3 Scores, click here.Type: Upgrade version
Origin: https://android.googlesource.com/platform/frameworks/base/+/8b83094ae3080495f6f95d0a1549ccc5594b5354
Release Date: 2022-12-16
Fix Resolution: android-13.0.0_r16
Step up your Open Source Security Game with Mend here