Untrusted Applications Exploit Improper Access Control to Reset Default App Settings in Wear OS 3.0

Untrusted Applications Exploit Improper Access Control to Reset Default App Settings in Wear OS 3.0

CVE-2022-24930 · LOW Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

An Improper access control vulnerability in StRetailModeReceiver in Wear OS 3.0 prior to Firmware update MAR-2022 Release allows untrusted applications to reset default app settings without a proper permission

Learn more about our Web Application Penetration Testing UK.