CVE-2022-27822
MEDIUMGoogle Android - Improper Access Control
Title source: ruleDescription
Information exposure vulnerability in ril property setting prior to SMR April-2022 Release 1 allows access to EF_RUIMID value without permission.
Scores
CVSS v3
6.6
EPSS
0.0002
EPSS Percentile
4.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Classification
CWE
CWE-284
CWE-668
Status
published
Affected Products (3)
google/android
google/android
google/android
Timeline
Published
Apr 11, 2022
Tracked Since
Feb 18, 2026