Insecure SEpolicy Configuration Allows Unauthorized Access to Network Neighbor Table Information in Android

Insecure SEpolicy Configuration Allows Unauthorized Access to Network Neighbor Table Information in Android

CVE-2022-20339 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-171572148

Learn more about our Cis Benchmark Audit For Google Android.