Settings
CVEs (24)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-28781 | 0.00 | — | 0.00 | May 3, 2022 | Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller. | |||
| CVE-2022-22263 | 0.00 | — | 0.00 | Jan 7, 2022 | Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity. | |||
| CVE-2021-25393 | 0.00 | — | 0.00 | Jun 11, 2021 | Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data. | |||
| CVE-2020-0051 | 0.00 | — | 0.00 | Mar 10, 2020 | In onCreate of SettingsHomepageActivity, there is a possible tapjacking attack. This could lead to local escalation of privilege in Settings with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android… |
- CVE-2022-28781May 3, 2022risk 0.00cvss —epss 0.00
Improper input validation in Settings prior to SMR-May-2022 Release 1 allows attackers to launch arbitrary activity with system privilege. The patch adds proper validation logic to check the caller.
- CVE-2022-22263Jan 7, 2022risk 0.00cvss —epss 0.00
Unprotected dynamic receiver in SecSettings prior to SMR Jan-2022 Release 1 allows untrusted applications to launch arbitrary activity.
- CVE-2021-25393Jun 11, 2021risk 0.00cvss —epss 0.00
Improper sanitization of incoming intent in SecSettings prior to SMR MAY-2021 Release 1 allows local attackers to get permissions to access system uid data.
- CVE-2020-0051Mar 10, 2020risk 0.00cvss —epss 0.00
In onCreate of SettingsHomepageActivity, there is a possible tapjacking attack. This could lead to local escalation of privilege in Settings with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android…
Page 2 of 2