Vulnerabilities > CVE-2022-39879 - Missing Authorization vulnerability in Google Android 11.0/12.0

047910
CVSS 3.3 - LOW
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
LOW
Availability impact
NONE
local
low complexity
google
CWE-862

Summary

Improper authorization vulnerability in?CallBGProvider prior to SMR Nov-2022 Release 1 allows local attacker to grant permission for accessing information with phone uid.

Vulnerable Configurations

Part Description Count
OS
Google
2

Common Weakness Enumeration (CWE)