How severe is CVE-2022-20214?

CVE-2022-20214 has a CVSS v3 score of 4.7 (MEDIUM).

CVE-2022-20214

Name: android
Author: google

4.7MEDIUM

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user conse

Publicado: 1/26/2023Actualizado: 4/1/2025

Descripción

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210

Análisis IAImpulsado por IA

Productos Afectados

googleandroid

10.0

googleandroid

11.0

googleandroid

12.0

Referencias

https://source.android.com/security/bulletin/aaos/2023-01-01
Vendor Advisory
https://source.android.com/security/bulletin/aaos/2023-01-01
Vendor Advisory