ASB-A-243849844
See a problem?- Import Source
- https://storage.googleapis.com/android-osv/ASB-A-243849844.json
- JSON Data
- https://api.osv.dev/v1/vulns/ASB-A-243849844
- Aliases
-
- A-243849844
- CVE-2022-20495
- Published
- 2022-12-01T00:00:00Z
- Modified
- 2026-04-30T15:48:46.890647Z
- Summary
- [none]
- Details
-
In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- References
Affected packages
Android
platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 569.0,
"function_hash": "256567717900539817207598731645102704557"
},
"id": "ASB-A-243849844-4b21c9fc",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java",
"function": "getEnabledAccessibilityServiceList"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"15472168467829777155972695369766909984",
"113313693706057117147096543104199435558",
"105833602642437050762795875353718347326",
"110806656359569617845981554468547802851"
],
"threshold": 0.9
},
"id": "ASB-A-243849844-b8e27c37",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 569.0,
"function_hash": "256567717900539817207598731645102704557"
},
"id": "ASB-A-243849844-b144b9f5",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java",
"function": "getEnabledAccessibilityServiceList"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"15472168467829777155972695369766909984",
"113313693706057117147096543104199435558",
"105833602642437050762795875353718347326",
"110806656359569617845981554468547802851"
],
"threshold": 0.9
},
"id": "ASB-A-243849844-c66a22b9",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Function",
"digest": {
"length": 569.0,
"function_hash": "256567717900539817207598731645102704557"
},
"id": "ASB-A-243849844-4c0eb4cf",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java",
"function": "getEnabledAccessibilityServiceList"
}
},
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"15472168467829777155972695369766909984",
"113313693706057117147096543104199435558",
"105833602642437050762795875353718347326",
"110806656359569617845981554468547802851"
],
"threshold": 0.9
},
"id": "ASB-A-243849844-4f9581db",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"15472168467829777155972695369766909984",
"113313693706057117147096543104199435558",
"105833602642437050762795875353718347326",
"110806656359569617845981554468547802851"
],
"threshold": 0.9
},
"id": "ASB-A-243849844-170122da",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 569.0,
"function_hash": "256567717900539817207598731645102704557"
},
"id": "ASB-A-243849844-5a23e3b9",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java",
"function": "getEnabledAccessibilityServiceList"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377"
]
}platform/frameworks/base
Package
- Name
- platform/frameworks/base
Ecosystem specific
{
"severity": "High",
"spl": "2022-12-01",
"vanir_signatures": [
{
"signature_type": "Line",
"digest": {
"line_hashes": [
"15472168467829777155972695369766909984",
"113313693706057117147096543104199435558",
"105833602642437050762795875353718347326",
"110806656359569617845981554468547802851"
],
"threshold": 0.9
},
"id": "ASB-A-243849844-123210b2",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java"
}
},
{
"signature_type": "Function",
"digest": {
"length": 569.0,
"function_hash": "256567717900539817207598731645102704557"
},
"id": "ASB-A-243849844-2185f50a",
"signature_version": "v1",
"deprecated": false,
"source": "https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377",
"target": {
"file": "services/accessibility/java/com/android/server/accessibility/AccessibilityManagerService.java",
"function": "getEnabledAccessibilityServiceList"
}
}
],
"types": [
"EoP"
],
"fixes": [
"https://android.googlesource.com/platform/frameworks/base/+/2bc4d49c2b0265f5de1c62d1342b1426cc5e1377"
]
}