Vulnerabilities > CVE-2022-1799 - Unspecified vulnerability in Google Play Services Software Development KIT

CVSS 9.8 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

google

critical

NVD

Published: 2022-07-29

Updated: 2022-08-05

Summary

Incorrect signature trust exists within Google Play services SDK play-services-basement. A debug version of Google Play services is trusted by the SDK for devices that are non-GMS. We recommend upgrading the SDK past the 2022-05-03 release.

Vulnerable Configurations

Part	Description	Count
Application	Google Google Google Play Services Software Development KIT *	1

References

https://developers.google.com/android/guides/releases#may_03_2022