Tapjacking Vulnerability in Car Settings App Allows Unauthorized Modification of System Settings
CVE-2022-20214 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
In Car Settings app, the toggle button in Modify system settings is vulnerable to tapjacking attack. Attackers can overlay the toggle button to enable apps to modify system settings without user consent.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-183411210
Learn more about our Cis Benchmark Audit For Google Android.