Critical Vulnerabilities in Android Operating System

Published on 08 Dec 2022 | Updated on 08 Dec 2022

Google has released the December 2022 security updates for Android operating system to address multiple vulnerabilities, including four critical vulnerabilities.

The critical vulnerabilities are:

  • CVE-2022-20472 and CVE-2022-20473: Remote code execution flaw in Android Framework, impacting Android versions 10 to 13.
  • CVE-2022-20411: Remote code execution flaw in Android System, impacting Android versions 10 to 13.
  • CVE-2022-20498: Information disclosure flaw in Android System, impacting Android versions 10 to 13.

Successful exploitation of these vulnerabilities could allow an attacker to perform remote code execution and information disclosure on a targeted system.

Users of affected Android versions are advised to monitor for updates from their respective product vendors and perform the necessary updates as and when they are released.

More information is available at:

https://source.android.com/docs/security/bulletin/2022-12-01

https://www.bleepingcomputer.com/news/security/android-december-2022-security-updates-fix-81-vulnerabilities/

Tags
Alerts Alerts & Advisories
Share