Unrated severityNVD Advisory· Published Jun 15, 2022· Updated Aug 3, 2024
CVE-2022-20145
CVE-2022-20145
Description
In startLegacyVpnPrivileged of Vpn.java, there is a possible way to retrieve VPN credentials due to a protocol downgrade attack. This could lead to remote escalation of privilege if a malicious Wi-Fi AP is used, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-201660636
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Android/Android kerneldescription
- Range: =11
Patches
Vulnerability mechanics
References
1- source.android.com/security/bulletin/2022-06-01mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.