{"vulnerability": "CVE-2022-2023", "sightings": [{"uuid": "38ac684f-da9c-4a3d-a355-4b41bd483482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20233", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/1041", "content": "\u0645\u0647\u0627\u062c\u0645\u0629 Titan M \u0627\u0644\u062e\u0627\u0635 \u0628\u0640 Pixel \u0628\u0628\u0627\u064a\u062a \u0648\u0627\u062d\u062f \u0641\u0642\u0637 (CVE-2022-20233) \u0648\u0627\u0644\u062d\u0635\u0648\u0644 \u0639\u0644\u0649 \u0645\u0643\u0627\u0641\u0623\u0629 \u0642\u062f\u0631\u0647\u0627 75000 \u062f\u0648\u0644\u0627\u0631 \u0623\u0645\u0631\u064a\u0643\u064a\n https://blog.quarkslab.com/attacking-titan-m-with-only-one-byte.html", "creation_timestamp": "2024-03-29T18:27:13.000000Z"}, {"uuid": "fdd59fe7-65da-4b85-9ee6-dd2dcdf88613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20233", "type": "published-proof-of-concept", "source": "Telegram/EkYpjJF3DATilPedadX7cZ41ZZ9vTRpVKpyM-Y-ezSOH-w", "content": "", "creation_timestamp": "2023-11-22T10:10:42.000000Z"}, {"uuid": "26f306e9-9e00-48af-939f-54f8471028b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20233", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/3305", "content": "\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u0430\u043c \u0438\u0437 Quarkslab \u0432\u0438\u0434\u0438\u043c\u043e \u043d\u0435\u0447\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u0434\u0435\u043b\u0430\u0442\u044c \u0438 \u043e\u043d\u0438 \u0440\u0435\u0448\u0438\u043b\u0438 \u0437\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u0444\u0430\u0437\u0437\u0438\u043d\u0433\u043e\u043c \u0447\u0438\u043f\u0430 Google Titan M, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0431\u043e\u0440\u0442\u0443 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432 Pixel.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 \u0442\u0430\u043a\u0438 \u0443\u0432\u0435\u043d\u0447\u0430\u043b\u043e\u0441\u044c \u0443\u0441\u043f\u0435\u0445\u043e\u043c \u0438 \u043e\u043d\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043a\u0440\u0438\u0441\u0442\u0430\u043b\u0435, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u043e\u043c \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u043d\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Pixel, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0443\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0443.\n\n\u0411\u0430\u0433\u0430 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2022-20233 \u0438 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Android \u0432 \u0438\u044e\u043d\u0435 2022 \u0433\u043e\u0434\u0430, \u043a\u043e\u0433\u0434\u0430 Google \u043e\u043f\u0438\u0441\u0430\u043b \u0435\u0435 \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0437\u0430\u043f\u0438\u0441\u044c\u044e \u0437\u0430 \u0433\u0440\u0430\u043d\u0438\u0446\u0430\u043c\u0438 \u0431\u0443\u0444\u0435\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0438\u0437-\u0437\u0430 \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0433\u0440\u0430\u043d\u0438\u0446.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0434\u043b\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0434\u0430\u0436\u0435 \u043d\u0430\u043f\u0438\u0441\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b \u0438\u043c \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0443\u044e \u043f\u0430\u043c\u044f\u0442\u044c \u043d\u0430 \u0447\u0438\u043f\u0435 \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043a\u043b\u044e\u0447, \u0437\u0430\u0449\u0438\u0449\u0435\u043d\u043d\u044b\u0439 StrongBox, \u0442\u0435\u043c \u0441\u0430\u043c\u044b\u043c \u043e\u0431\u0445\u043e\u0434\u044f \u0441\u0430\u043c\u044b\u0439 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0437\u0430\u0449\u0438\u0442\u044b Keystore \u043d\u0430 Android.\n\n\u041e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0438 \u0432 \u043c\u0430\u0440\u0442\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u0430 \u0432 \u0438\u044e\u043d\u0435 Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043f\u0430\u0442\u0447.\n\n\u0418\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e IT-\u0433\u0438\u0433\u0430\u043d\u0442 \u043f\u0440\u0438\u0441\u0443\u0434\u0438\u043b \u0432\u043e\u0437\u043d\u0430\u0433\u0440\u0430\u0436\u0434\u0435\u043d\u0438\u0435 \u0432 \u0440\u0430\u0437\u043c\u0435\u0440\u0435 10 000 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432 \u0437\u0430 \u043e\u0448\u0438\u0431\u043a\u0443, \u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043e\u0446\u0435\u043d\u0438\u043b\u0430 \u0432\u044b\u043f\u043b\u0430\u0442\u0443 \u0431\u043e\u043b\u0435\u0435 \u0434\u043e\u0441\u0442\u043e\u0439\u043d\u043e \u0438 \u0443\u0432\u0435\u043b\u0438\u0447\u0438\u043b\u0430 \u0433\u043e\u043d\u043e\u0440\u0430\u0440 \u0434\u043e 75 000 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432.", "creation_timestamp": "2022-08-17T20:00:06.000000Z"}, {"uuid": "63aebb46-b3ff-4a7d-9bf9-12db69bb9136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20231", "type": "seen", "source": "https://t.me/true_secator/3541", "content": "\u041e\u043a\u0442\u044f\u0431\u0440\u044c\u0441\u043a\u0438\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f Android \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u043e\u043b\u0435\u0435 50 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Framework.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043a\u0430\u043a CVE-2022-20419 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e\u00a0\u0443\u0440\u043e\u0432\u043d\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 2022-10-01\u00a0\u0432\u043c\u0435\u0441\u0442\u0435 \u0441 \u043f\u044f\u0442\u044c\u044e \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 Framework, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043e\u0442\u043a\u0430\u0437\u0443 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (DoS).\n\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044e\u00a0Google, \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0431\u0430\u0433\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Framework, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u043d\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435.\n\n\u041f\u0430\u043a\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 2022-10-01 \u0442\u0430\u043a\u0436\u0435\u00a0\u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u0434\u0435\u0432\u044f\u0442\u044c \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b: Media Framework (\u0434\u0432\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438) \u0438 SYSTEM (\u0442\u0440\u0438 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439, \u0442\u0440\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043e\u0434\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 DoS).\n\n\u0412\u0442\u043e\u0440\u0430\u044f \u0447\u0430\u0441\u0442\u044c \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 2022-10-05 \u0440\u0430\u0437\u0440\u0435\u0448\u0430\u0435\u0442 \u0432 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 33 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0435 \u043d\u0430 \u044f\u0434\u0440\u043e Android, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043d\u0430 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b \u044f\u0434\u0440\u0430, Imagination Technologies, MediaTek, UNISOC \u0438 Qualcomm.\u00a0\u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0437 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 Qualcomm \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Google \u0442\u0430\u043a\u0436\u0435 \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u00a0\u0434\u043b\u044f \u0434\u0435\u0432\u044f\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 Pixel \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445: \u043d\u0435\u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0435\u043d\u043d\u043e Pixel (4 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438), \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b Qualcomm (3), \u0430 \u0442\u0430\u043a\u0436\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u044b Qualcomm \u0441 \u0437\u0430\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c (2).\n\n\u0418\u0437 \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 Pixel \u0434\u0432\u0443\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\u00a0\u041e\u0448\u0438\u0431\u043a\u0438 CVE-2022-20231 \u0438 CVE-2022-20364 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 05.10.2022 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Pixel \u0431\u0443\u0434\u0443\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0442\u044c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u044b\u0448\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.", "creation_timestamp": "2022-10-11T12:59:55.000000Z"}, {"uuid": "1be07d2e-5f07-43bf-b2b5-d4830adff68c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20231", "type": "seen", "source": "https://t.me/cibsecurity/49784", "content": "\u203c CVE-2022-20231 \u203c\n\nIn smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-211485702References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T20:26:32.000000Z"}, {"uuid": "4fb4deb0-60af-43d5-8d48-8bfaf2ab2318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20235", "type": "seen", "source": "https://t.me/cibsecurity/57001", "content": "\u203c CVE-2022-20235 \u203c\n\nThe PowerVR GPU kernel driver maintains an \"Information Page\" used by its cache subsystem. This page can only be written by the GPU driver itself, but prior to DDK 1.18 however, a user-space program could write arbitrary data to the page, leading to memory corruption issues.Product: AndroidVersions: Android SoCAndroid ID: A-259967780\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T00:46:53.000000Z"}, {"uuid": "7440166a-b381-4606-b671-d3bbdf07031c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20234", "type": "seen", "source": "https://t.me/cibsecurity/46178", "content": "\u203c CVE-2022-20234 \u203c\n\nIn Car Settings app, the NotificationAccessConfirmationActivity is exported. In NotificationAccessConfirmationActivity, it gets both 'mComponentName' and 'pkgTitle' from user.An unprivileged app can use a malicous mComponentName with a benign pkgTitle (e.g. Settings app) to make users enable notification access permission for the malicious app. That is, users believe they enable the notification access permission for the Settings app, but actually they enable the notification access permission for the malicious app.Once the malicious app gets the notification access permission, it can read all notifications, including users' personal information.Product: AndroidVersions: Android-12LAndroid ID: A-225189301\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T22:37:01.000000Z"}, {"uuid": "6f75d05d-d54f-4624-bfe7-081703276984", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20230", "type": "seen", "source": "https://t.me/cibsecurity/46179", "content": "\u203c CVE-2022-20230 \u203c\n\nIn choosePrivateKeyAlias of KeyChain.java, there is a possible access to the user's certificate due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221859869\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T22:37:02.000000Z"}, {"uuid": "d3272ea6-7404-47ec-b534-0febe85b4d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20238", "type": "seen", "source": "https://t.me/cibsecurity/46177", "content": "\u203c CVE-2022-20238 \u203c\n\n'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma-&gt;vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T22:37:00.000000Z"}, {"uuid": "481dbfd6-b190-4a2f-80f3-9e7713e9586e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20233", "type": "seen", "source": "https://t.me/cibsecurity/44533", "content": "\u203c CVE-2022-20233 \u203c\n\nIn param_find_digests_internal and related functions of the Titan-M source, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222472803References: N/A\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-15T18:26:40.000000Z"}, {"uuid": "fb9d7fb5-7a82-4552-bad8-08f34a6b00e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20236", "type": "seen", "source": "https://t.me/cibsecurity/46191", "content": "\u203c CVE-2022-20236 \u203c\n\nA drm driver have oob problem, could cause the system crash or EOPProduct: AndroidVersions: Android SoCAndroid ID: A-233124709\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T22:40:14.000000Z"}, {"uuid": "a864a885-388e-4b25-94a2-eae111868dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20233", "type": "exploited", "source": "https://t.me/androidMalware/1614", "content": "Attacking Pixel's Titan M with Only One Byte (CVE-2022-20233) and getting 75,000 USD bounty\nhttps://blog.quarkslab.com/attacking-titan-m-with-only-one-byte.html", "creation_timestamp": "2022-08-12T12:38:51.000000Z"}, {"uuid": "71b134b3-07c2-45ce-bcc7-826602df866c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20233", "type": "exploited", "source": "https://t.me/thebugbountyhunter/6443", "content": "Attacking Pixel's Titan M with Only One Byte (CVE-2022-20233) and getting 75,000 USD bounty\nhttps://blog.quarkslab.com/attacking-titan-m-with-only-one-byte.html", "creation_timestamp": "2022-08-13T09:51:54.000000Z"}, {"uuid": "933533b2-4629-4121-938e-c2028f04a74f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20233", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6620", "content": "#Fuzzing\nCVE-2022-20233:\nAttacking Titan M with Only One Byte\nhttps://blog.quarkslab.com/attacking-titan-m-with-only-one-byte.html", "creation_timestamp": "2022-08-18T12:00:55.000000Z"}]}