Sandbox Escape Vulnerability in GBoard Allows Bypassing Factory Reset Protections

Sandbox Escape Vulnerability in GBoard Allows Bypassing Factory Reset Protections

CVE-2022-20125 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In GBoard, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-194402515

Learn more about our Cis Benchmark Audit For Google Android.