System Privilege File Access Vulnerability via PendingIntent in Android Accessibility

System Privilege File Access Vulnerability via PendingIntent in Android Accessibility

CVE-2022-27837 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

A vulnerability using PendingIntent in Accessibility prior to version 12.5.3.2 in Android R(11.0) and 13.0.1.1 in Android S(12.0) allows attacker to access the file with system privilege.

Learn more about our Cis Benchmark Audit For Google Android.