{"vulnerability": "CVE-2022-2026", "sightings": [{"uuid": "5d5d2a68-577e-49da-b3a0-b74f5ee49d36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20265", "type": "seen", "source": "https://t.me/cibsecurity/48038", "content": "\u203c CVE-2022-20265 \u203c\n\nIn Settings, there is a possible way to bypass factory reset permissions due to a permissions bypass. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-212804898\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T18:33:42.000000Z"}, {"uuid": "33bb1e62-1896-44da-9c4f-dace3c4bf35d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20268", "type": "seen", "source": "https://t.me/cibsecurity/48034", "content": "\u203c CVE-2022-20268 \u203c\n\nIn RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterprise managed device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-210468836\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T18:33:37.000000Z"}, {"uuid": "79cc0ef4-8ca5-4abc-8dcc-9381fb6a2b9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20260", "type": "seen", "source": "https://t.me/cibsecurity/48029", "content": "\u203c CVE-2022-20260 \u203c\n\nIn the Phone app, there is a possible crash loop due to resource exhaustion. This could lead to local persistent denial of service in the Phone app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-220865698\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T18:33:30.000000Z"}, {"uuid": "7d7ab082-9b5f-43d1-987f-e3f3f70546ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20262", "type": "seen", "source": "https://t.me/cibsecurity/48025", "content": "\u203c CVE-2022-20262 \u203c\n\nIn ActivityManager, there is a possible way to check another process's capabilities due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-218338453\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T18:33:23.000000Z"}, {"uuid": "1a707fd4-3a5e-42a3-aa38-ef0701f26bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2026", "type": "seen", "source": "https://t.me/cibsecurity/44123", "content": "\u203c CVE-2022-2026 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository kromitgmbh/titra prior to 0.77.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T20:33:34.000000Z"}]}