VYPR
Medium severity5.5NVD Advisory· Published Aug 10, 2022· Updated Jun 17, 2026

CVE-2022-20350

CVE-2022-20350

Description

In onCreate of NotificationAccessConfirmationActivity.java, there is a possible way to trick the victim to grant notification access to the wrong app due to improper input validation. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228178437

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Google/Android SDKcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: >=10, <=12L

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.