Unauthorized Use of JavaScript Interface API in Android Dynamic Lockscreen

Unauthorized Use of JavaScript Interface API in Android Dynamic Lockscreen

CVE-2022-39862 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api.

Learn more about our Cis Benchmark Audit For Google Android.