VDB

ASB-A-159373687

ASB-A-159373687 PUBLISHED CVSS 7 HIGH

In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configuration data due to a missing permission check. This could lead to local information disclosure of WiFi network names with no additional execution privileges needed. User interaction is not needed for exploitation.

Risk Scores

CVSS 4.0
7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N

Affected Products

VendorProductVersions
platformframeworks/opt/net/wifi8.1, 10, *
platformpackages/apps/Settings8.0:0, 10, *
platformframeworks/base10, 8.0:0, 8.0
platformpackages/apps/Car/Settings8.0:0, 10, *
platformpackages/services/Car8.0:0, 10, *

Timeline

  • Dec 1, 2020 CVE Published
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›