Risk Scores
CVSS v4.0
6.699999809265137
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| platform | frameworks/base | 12:0, 12, 12L |
Timeline
- Dec 1, 2022 CVE Published
- May 15, 2026 CVE Updated
In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with physical access required and an app that runs above the lockscreen, with no additional execution privileges needed. User interaction is not needed for exploitation.
| Vendor | Product | Versions |
|---|---|---|
| platform | frameworks/base | 12:0, 12, 12L |