CVE-2022-39912

Summary

Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.

Affected Software

VendorProductVersion RangeStatus
Samsung MobileSamsung Mobile Devicesunspecified < Android T(13)affected

Weaknesses

  • CWE-280: CWE-280: Improper Handling of Insufficient Permissions or Privileges

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References