Vulnerability Description
Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.
CVSS Score
6.2
MEDIUM
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | < 13.0 |
Related Weaknesses (CWE)
References
- https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12Vendor Advisory
- https://security.samsungmobile.com/serviceWeb.smsb?year=2022&month=12Vendor Advisory
FAQ
What is CVE-2022-39912?
CVE-2022-39912 is a vulnerability with a CVSS score of 6.2 (MEDIUM). Improper handling of insufficient permissions vulnerability in setSecureFolderPolicy in PersonaManagerService prior to Android T(13) allows local attackers to set some setting value in Secure folder.
How severe is CVE-2022-39912?
CVE-2022-39912 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-39912?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.