Loading HuntDB...

GHSA-j6gq-c29x-24x7

GitHub Security Advisory

⚠ Unreviewed HIGH Has CVE

Advisory Details

In onAttach of ConnectedDeviceDashboardFragment.java, there is a possible permission bypass due to a confused deputy. This could lead to remote escalation of privilege in Bluetooth settings with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-228450811

Related CVEs

Key Information

GHSA ID
GHSA-j6gq-c29x-24x7
Published
August 11, 2022 12:00 AM
Last Modified
August 13, 2022 12:00 AM
CVSS Score
7.5 /10
Primary Ecosystem
Unknown
Primary Package
Unknown
GitHub Reviewed
✗ No

Dataset

Last updated: July 31, 2025 6:36 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.