CVE-2022-20599

Published: Dic 16, 2022 Last Modified: Nov 21, 2024 EU-VD ID: EUVD-2022-25859 Aliases: GSD-2022-20599

ExploitDB:

Other exploit source:

Google Dorks:

MEDIUM 6,7

Source: [email protected]

Attack Vector: local

Attack Complexity: low

Privileges Required: high

User Interaction: none

Scope: unchanged

Confidentiality: high

Integrity: high

Availability: high

Description

AI Translation Available

In Pixel firmware, there is a possible exposure of sensitive memory due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242332706References: N/A

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score

0,0002

Percentile

0,0th

Updated

EPSS Score Trend (Last 90 Days)

Operating System

Android by Google

Product Information

Vendor Google

Product Android

Version -

CPE Identifier

View Detailed Analysis


                  cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Common Platform Enumeration - Standardized vulnerability identification

https://source.android.com/security/bulletin/pixel/2022-12-…

Vendor Advisory

https://source.android.com/security/bulletin/pixel/2022-12-01

https://source.android.com/security/bulletin/pixel/2022-12-…

Vendor Advisory

https://source.android.com/security/bulletin/pixel/2022-12-01

CVE-2022-20599

Description

EPSS (Exploit Prediction Scoring System)

EPSS (Exploit Prediction Scoring System)

EPSS Score Trend (Last 90 Days)

Android by Google

Product Information

Iscriviti alla newsletter