CVE-2022-20339 : In Android, there is a possible access of network neighbor table information due

In Android, there is a possible access of network neighbor table information due to an insecure SEpolicy configuration. This could lead to local information disclosure of network topography with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-171572148

Published 2022-08-12 15:15:13

Updated 2022-08-16 11:00:34

Source Android (associated with Google Inc. or Open Handset Alliance)

View at NVD, CVE.org

Vulnerability category: Information leak

Products affected by CVE-2022-20339

Google » Android » Version: 13.0
cpe:2.3:o:google:android:13.0:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2022-20339

EPSS FAQ

0.02%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 3 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2022-20339

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
3.3	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N	1.8	1.4	NIST
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

References for CVE-2022-20339

https://source.android.com/security/bulletin/android-13

Android 13 Security Release Notes | Android Open Source Project
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2022-20339

Products affected by CVE-2022-20339

Exploit prediction scoring system (EPSS) score for CVE-2022-20339

CVSS scores for CVE-2022-20339

References for CVE-2022-20339