Sandbox Escape Vulnerability Allows Bypass of Factory Reset Protections in Android

Sandbox Escape Vulnerability Allows Bypass of Factory Reset Protections in Android

CVE-2022-20302 · HIGH Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

In Settings, there is a possible way to bypass factory reset protections due to a sandbox escape. This could lead to local escalation of privilege if the attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-200746457

Learn more about our Cis Benchmark Audit For Google Android.