CVE-2022-20342
LOWAndroid 13 - Unauthenticated WiFi Password Disclosure via Insecure Default Value
Title source: llmDescription
In WiFi, there is a possible disclosure of WiFi password to the end user due to an insecure default value. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-143534321
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/android-13
Scores
CVSS v3
3.3
EPSS
0.0009
EPSS Percentile
0.8%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-1188
Status
published
Products (1)
google/android
13.0
Published
Aug 12, 2022
Tracked Since
Feb 18, 2026