PUB-A-232798363

See a problem?

Import Source

https://storage.googleapis.com/android-osv/PUB-A-232798363.json

JSON Data

https://api.osv.dev/v1/vulns/PUB-A-232798363

Aliases

A-232798363
CVE-2022-20533

Published

2022-12-01T00:00:00Z

Modified

2026-01-21T16:21:53.939693Z

Summary

[none]

Details

In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

References

Affected packages

Android / platform/packages/apps/Settings

Package

Name: platform/packages/apps/Settings

Affected ranges

Type: ECOSYSTEM
Events: Introduced

13:0

Fixed

13:2022-12-01

Affected versions

Other

Ecosystem specific

{
    "fixes": [
        "https://android.googlesource.com/platform/packages/apps/Settings/+/5f421125abcdc78c73ef4af3da68ab623d2d95db"
    ],
    "vanir_signatures": [
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5f421125abcdc78c73ef4af3da68ab623d2d95db",
            "deprecated": false,
            "digest": {
                "line_hashes": [
                    "137983744424907869421349416450389844693",
                    "280080106990469651977084687195791678452",
                    "188839333270416660864091952438551563498",
                    "56910409752950726715948533654514992554",
                    "58268938634345600572599465271216050228",
                    "55148441852337092315091292426796754542",
                    "132070702210441912430959234429884186300",
                    "126763671819233558646582261366655430523",
                    "258724214376365319540918331863229346910",
                    "4945897638035594566558998369278461672",
                    "3065626731211669564420850861012595577",
                    "146548272042098257741913834659984587585",
                    "53142333524085514145321524812222960581",
                    "137448228559317945951489319352638687889",
                    "334969361162005617753980595116507640602"
                ],
                "threshold": 0.9
            },
            "signature_type": "Line",
            "id": "PUB-A-232798363-22b61127",
            "target": {
                "file": "src/com/android/settings/wifi/slice/WifiSlice.java"
            }
        },
        {
            "signature_version": "v1",
            "source": "https://android.googlesource.com/platform/packages/apps/Settings/+/5f421125abcdc78c73ef4af3da68ab623d2d95db",
            "deprecated": false,
            "digest": {
                "length": 1092.0,
                "function_hash": "197123585407078326444561702802873860629"
            },
            "signature_type": "Function",
            "id": "PUB-A-232798363-8f47d6fc",
            "target": {
                "function": "getSlice",
                "file": "src/com/android/settings/wifi/slice/WifiSlice.java"
            }
        }
    ],
    "types": [
        "EoP"
    ],
    "severity": "Moderate",
    "spl": "2022-12-01"
}

Database specific

source

"https://storage.googleapis.com/android-osv/PUB-A-232798363.json"