CVE-2022-20224

HIGH

Android - Out-of-bounds Read in Bluetooth AT_SKIP_REST

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-20224. PoCs published by ShaikUsaf.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-20224, targeting the Fluoride Bluetooth stack in Android Open Source Project (AOSP). The exploit involves building and running the Fluoride Bluetooth stack on Linux, with specific instructions for Ubuntu.

Description

In AT_SKIP_REST of bta_hf_client_at.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure in the Bluetooth stack with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220732646

Exploits (1)

nomisec WORKING POC
by ShaikUsaf · poc
https://github.com/ShaikUsaf/system_bt_AOSP10_r33_CVE-2022-20224

This repository contains a proof-of-concept exploit for CVE-2022-20224, targeting the Fluoride Bluetooth stack in Android Open Source Project (AOSP). The exploit involves building and running the Fluoride Bluetooth stack on Linux, with specific instructions for Ubuntu.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Fluoride Bluetooth stack in AOSP
No auth needed
Prerequisites: Access to the target system · Ability to build and run the Fluoride Bluetooth stack
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/2022-07-01

Scores

CVSS v3 7.5
EPSS 0.0099
EPSS Percentile 57.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-125
Status published
Products (4)
google/android 10.0
google/android 11.0
google/android 12.0
google/android 12.1
Published Jul 13, 2022
Tracked Since Feb 18, 2026