CVE-2022-20257
Summary
In Bluetooth, there is a possible way to pair a display only device without PIN confirmation due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222289114
- LOW
- LOCAL
- LOW
- UNCHANGED
- NONE
- LOW
- NONE
- NONE
References
Advisory Timeline
- Published