Logic Error in SystemUI Allows Unexpected Activation of External Speaker, Leading to Local Information Disclosure

Logic Error in SystemUI Allows Unexpected Activation of External Speaker, Leading to Local Information Disclosure

CVE-2022-20317 · MEDIUM Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

In SystemUI, there is a possible way to unexpectedly enable the external speaker due to a logic error in the code. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-190199063

Learn more about our Cis Benchmark Audit For Google Android.