{"id":"ASB-A-246933359","details":"In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.","aliases":["A-246933359","CVE-2022-20501"],"modified":"2026-05-22T15:55:21.353668239Z","published":"2022-12-01T00:00:00Z","references":[{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2022-12-01"},{"type":"FIX","url":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"}],"affected":[{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"10:0"},{"fixed":"10:2022-12-01"}]}],"versions":["10"],"ecosystem_specific":{"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"],"types":["EoP"],"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"length":245,"function_hash":"154270236169330912437872144573544089928"},"id":"ASB-A-246933359-2d747a16","signature_type":"Function","deprecated":false,"target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java","function":"onCreate"}},{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"line_hashes":["320289821939055675549952624027794498453","96961415491038917953009970649486956067","70238020157878442178950549376738510749","62743758544484059513720788751842644535","285738201064597834006436556479051549380","319483709314350051125391354452465839608","218636688842431018377560863361731694344","300316977321693419332182848524026739926"],"threshold":0.9},"id":"ASB-A-246933359-fd099c12","deprecated":false,"signature_type":"Line","target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246933359.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"11:0"},{"fixed":"11:2022-12-01"}]}],"versions":["11"],"ecosystem_specific":{"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"],"types":["EoP"],"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"length":245,"function_hash":"154270236169330912437872144573544089928"},"id":"ASB-A-246933359-b528d839","deprecated":false,"signature_type":"Function","target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java","function":"onCreate"}},{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"line_hashes":["320289821939055675549952624027794498453","96961415491038917953009970649486956067","70238020157878442178950549376738510749","62743758544484059513720788751842644535","285738201064597834006436556479051549380","319483709314350051125391354452465839608","218636688842431018377560863361731694344","300316977321693419332182848524026739926"],"threshold":0.9},"id":"ASB-A-246933359-f71949af","signature_type":"Line","deprecated":false,"target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246933359.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12:0"},{"fixed":"12:2022-12-01"}]}],"versions":["12"],"ecosystem_specific":{"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"],"types":["EoP"],"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"line_hashes":["320289821939055675549952624027794498453","96961415491038917953009970649486956067","70238020157878442178950549376738510749","62743758544484059513720788751842644535","285738201064597834006436556479051549380","319483709314350051125391354452465839608","218636688842431018377560863361731694344","300316977321693419332182848524026739926"],"threshold":0.9},"id":"ASB-A-246933359-009398e8","deprecated":false,"signature_type":"Line","target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}},{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"length":245,"function_hash":"154270236169330912437872144573544089928"},"id":"ASB-A-246933359-8914fb9c","deprecated":false,"signature_type":"Function","target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java","function":"onCreate"}}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246933359.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"12L:0"},{"fixed":"12L:2022-12-01"}]}],"versions":["12L"],"ecosystem_specific":{"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"],"types":["EoP"],"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"length":245,"function_hash":"154270236169330912437872144573544089928"},"id":"ASB-A-246933359-13317206","deprecated":false,"signature_type":"Function","target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java","function":"onCreate"}},{"signature_version":"v1","target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"},"digest":{"line_hashes":["320289821939055675549952624027794498453","96961415491038917953009970649486956067","70238020157878442178950549376738510749","62743758544484059513720788751842644535","285738201064597834006436556479051549380","319483709314350051125391354452465839608","218636688842431018377560863361731694344","300316977321693419332182848524026739926"],"threshold":0.9},"id":"ASB-A-246933359-ae6a4686","signature_type":"Line","deprecated":false,"source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246933359.json"}},{"package":{"name":"platform/packages/services/Telecomm","ecosystem":"Android"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"13:0"},{"fixed":"13:2022-12-01"}]}],"versions":["13"],"ecosystem_specific":{"spl":"2022-12-01","fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"],"types":["EoP"],"vanir_signatures":[{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"length":245,"function_hash":"154270236169330912437872144573544089928"},"id":"ASB-A-246933359-344f4600","signature_type":"Function","deprecated":false,"target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java","function":"onCreate"}},{"signature_version":"v1","source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035","digest":{"line_hashes":["320289821939055675549952624027794498453","96961415491038917953009970649486956067","70238020157878442178950549376738510749","62743758544484059513720788751842644535","285738201064597834006436556479051549380","319483709314350051125391354452465839608","218636688842431018377560863361731694344","300316977321693419332182848524026739926"],"threshold":0.9},"id":"ASB-A-246933359-decf1620","signature_type":"Line","deprecated":false,"target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}],"severity":"High"},"database_specific":{"source":"https://storage.googleapis.com/android-osv/ASB-A-246933359.json"}}],"schema_version":"1.7.5"}