PUB-A-224545390 — Vulnetix

PUB-A-224545390 PUBLISHED

In getView of AddAppNetworksFragment.java, there is a possible way to mislead the user about network add requests due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Affected Products

Vendor	Product	Versions
platform	packages/apps/Settings	13:0, 13, 13:0

Timeline

Dec 1, 2022 CVE Published
May 15, 2026 CVE Updated

References

https://source.android.com/security/bulletin/2022-12-01 advisory
https://android.googlesource.com/platform/packages/apps/Settings/+/08adf4c2ede8dbad16e2a4d71d807223279b7107 patch

Open in Interactive Console →