Vulnerabilities > CVE-2022-36856 - Missing Authorization vulnerability in Google Android 12.0

CVSS 3.3 - LOW

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

local

low complexity

google

CWE-862

NVD

Published: 2022-09-09

Updated: 2023-07-21

Summary

Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission.

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android 12.0	1

Common Weakness Enumeration (CWE)

CWE-862 - Missing Authorization

References

https://security.samsungmobile.com/securityUpdate.smsb?year=2022&month=09