High severity7.8NVD Advisory· Published Nov 8, 2022· Updated Jun 17, 2026
CVE-2022-20441
CVE-2022-20441
Description
In navigateUpTo of Task.java, there is a possible way to launch an unexported intent handler due to a logic error in the code. This could lead to local escalation of privilege if the targeted app has an intent trampoline, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-238605611
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- source.android.com/security/bulletin/2022-11-01nvdVendor Advisory
News mentions
0No linked articles in our index yet.