In Telecom, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
References
Link | Resource |
---|---|
https://source.android.com/docs/security/bulletin/android-14 | Vendor Advisory |
Configurations
History
12 Jan 2024, 21:57
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://source.android.com/docs/security/bulletin/android-14 - Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.5 |
CPE | cpe:2.3:o:google:android:-:*:*:*:*:*:*:* | |
CWE | NVD-CWE-noinfo | |
First Time |
Google
Google android |
07 Nov 2023, 13:58
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | In Telecom, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
30 Oct 2023, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | ** REJECT ** In Telecom, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. |
28 Dec 2022, 19:15
Type | Values Removed | Values Added |
---|---|---|
CPE | ||
CVSS |
v2 : v3 : |
v2 : unknown
v3 : unknown |
Summary | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |
References |
|
|
CWE |
20 Dec 2022, 20:12
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:* | |
First Time |
Google android
|
|
CWE | CWE-203 | |
References | (MISC) https://source.android.com/security/bulletin/pixel/2022-12-01 - Patch, Vendor Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 3.3 |
16 Dec 2022, 17:11
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-16 16:15
Updated : 2024-01-12 21:57
NVD link : CVE-2022-20531
Mitre link : CVE-2022-20531
CVE.ORG link : CVE-2022-20531
JSON object : View
Products Affected
- android
CWE