Out of more than 80 flaws fixed this month, the most critical was a system component bug that could allow RCE over Bluetooth.

Dark Reading Staff, Dark Reading

December 7, 2022

1 Min Read
Android robot mascot image
Source: Marc Bruxelle RF via Alamy Stock Photo

Android's Framework, Kernel, and Google Play were among components that received security updates this month, but the most severe was a critical bug in the System component that, if exploited, could allow remote code execution (RCE) over Bluetooth, without any escalation privileges required. 

In addition to the System vulnerability, tracked under CVE-2022-20411, there are three additional critical flaws addressed by Android this month, including an ID bug in the System component (CVE-2022-20498) and two critical RCE bugs in the Framework component (CVE-2022, 20472 and CVE-2022-20473). 

In total, the Android security update addressed more than 80 vulnerabilities. 

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights