CVE-2022-20244

HIGH

Android 13 - Out-of-bounds Write in Bluetooth

Title source: llm
STIX 2.1

Description

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201083240

References (1)

Core 1
Core References

Scores

CVSS v3 7.5
EPSS 0.0015
EPSS Percentile 4.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
google/android 13.0.0
Published Aug 11, 2022
Tracked Since Feb 18, 2026