Improper Input Validation in Messaging App Allows Unauthorized File Attachment and Information Disclosure

Improper Input Validation in Messaging App Allows Unauthorized File Attachment and Information Disclosure

CVE-2022-20241 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-217185011

Learn more about our Cis Benchmark Audit For Google Android.