CVE-2022-20004

Summary

In checkSlicePermission of SliceManagerService.java, it is possible to access any slice URI due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-179699767

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-10 Android-11 Android-12 Android-12Laffected

Weaknesses

  • Elevation of privilege

ADP Enrichment

CVE Program Container

Additional References

References