VDB

ASB-A-228450811

ASB-A-228450811 PUBLISHED

In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Products

VendorProductVersions
platformpackages/apps/Settings10:0, 12L:0, 12L

Timeline

  • Aug 1, 2022 CVE Published
  • May 15, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›