CVE-2022-27837

Summary

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileAccessibility- < 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0)affected

Weaknesses

  • CWE-94: CWE-94: Improper Control of Generation of Code ('Code Injection')

ADP Enrichment

CVE Program Container

Additional References

References