CVE-2022-20312

MEDIUM

Android 13 - Unauthenticated Local Information Disclosure via WifiP2pManager

Title source: llm
STIX 2.1

Description

In WifiP2pManager, there is a possible toobtain WiFi P2P MAC address without user consent due to missing permission check. This could lead to local information disclosure without additional execution privileges needed. User interaction is not needed forexploitationProduct: AndroidVersions: Android-13Android ID: A-192244925

References (1)

Core 1
Core References

Scores

CVSS v3 5.5
EPSS 0.0009
EPSS Percentile 0.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-862
Status published
Products (1)
google/android 13.0
Published Aug 12, 2022
Tracked Since Feb 18, 2026