{"vulnerability": "CVE-2022-2054", "sightings": [{"uuid": "3ec17f49-0e3f-4653-b133-713c41620d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20547", "type": "seen", "source": "https://t.me/cibsecurity/54676", "content": "\u203c CVE-2022-20547 \u203c\n\nIn multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240301753\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:24:35.000000Z"}, {"uuid": "9c08011f-9d40-4559-88e3-c1c25a5ac791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20540", "type": "seen", "source": "https://t.me/cibsecurity/54710", "content": "\u203c CVE-2022-20540 \u203c\n\nIn SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291506\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:34:25.000000Z"}, {"uuid": "18883808-1d6c-4bb3-a64c-27dea0f0ae5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20545", "type": "seen", "source": "https://t.me/cibsecurity/54754", "content": "\u203c CVE-2022-20545 \u203c\n\nIn bindArtworkAndColors of MediaControlPanel.java, there is a possible way to crash the phone due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-239368697\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:40:45.000000Z"}, {"uuid": "1ea4ffb4-66c1-4ae1-a8de-d8e594dd0b30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2054", "type": "seen", "source": "https://t.me/cibsecurity/44242", "content": "\u203c CVE-2022-2054 \u203c\n\nCommand Injection in GitHub repository nuitka/nuitka prior to 0.9.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-12T18:22:22.000000Z"}, {"uuid": "63497498-6cdc-4510-9813-c742e63083f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20547", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12633", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20547\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In multiple functions of AdapterService.java, there is a possible way to manipulate Bluetooth state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240301753\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-21T02:57:10.016Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-21T04:01:13.000000Z"}, {"uuid": "b6ce0630-0888-4ff5-8362-1f296f821775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20540", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12482", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20540\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In SurfaceFlinger::doDump of SurfaceFlinger.cpp, there is possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-237291506\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T15:36:06.164Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T15:59:07.000000Z"}, {"uuid": "cc8088c1-bc1b-4cce-b414-52dd7e133cf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20549", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12548", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20549\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In authToken2AidlVec of KeyMintUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242702451\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T20:13:49.138Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T20:59:33.000000Z"}, {"uuid": "88a8d279-48e8-4d2c-aa9d-41ead1d00481", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20548", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12539", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-20548\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240919398\n\ud83d\udccf Published: 2022-12-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-18T20:42:15.109Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2022-12-01", "creation_timestamp": "2025-04-18T20:59:22.000000Z"}, {"uuid": "7e1fd05a-7aec-43b5-a862-088fefce12f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20548", "type": "seen", "source": "https://t.me/cibsecurity/54696", "content": "\u203c CVE-2022-20548 \u203c\n\nIn setParameter of EqualizerEffect.cpp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240919398\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:30:40.000000Z"}, {"uuid": "e2349d79-632f-498d-a967-148749d90efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20546", "type": "seen", "source": "https://t.me/cibsecurity/54723", "content": "\u203c CVE-2022-20546 \u203c\n\nIn getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240266798\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:34:39.000000Z"}, {"uuid": "7c73799a-4952-46b4-8afc-a09a5feca65c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-20543", "type": "seen", "source": "https://t.me/cibsecurity/54750", "content": "\u203c CVE-2022-20543 \u203c\n\nIn multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238178261\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-16T18:40:41.000000Z"}]}