Insufficient Log Filtering in Android Accounts Allows for Local Information Disclosure

Insufficient Log Filtering in Android Accounts Allows for Local Information Disclosure

CVE-2022-20278 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

In Accounts, there is a possible way to write sensitive information to the system log due to insufficient log filtering. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-205130113

Learn more about our Cis Benchmark Audit For Google Android.