How severe is CVE-2022-20214?

CVE-2022-20214 has a CVSS v3 score of 4.7 (MEDIUM).

CVE-2022-20214

Name: android
Author: google

4.7MEDIUM

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user conse

Publicado: 1/26/2023Atualizado: 4/1/2025

Descrição

In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210

Análise IADesenvolvido por IA

Produtos Afetados

googleandroid

10.0

googleandroid

11.0

googleandroid

12.0

Referências

https://source.android.com/security/bulletin/aaos/2023-01-01
Vendor Advisory
https://source.android.com/security/bulletin/aaos/2023-01-01
Vendor Advisory