{"id":"ASB-A-246933359", "published":"2022-12-01T00:00:00Z", "modified":"2026-05-01T15:24:27.653932157Z", "aliases":["CVE-2022-20501", "A-246933359"], "details":"In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.", "affected":[{"package":{"name":"platform/packages/services/Telecomm", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"10:0"}, {"fixed":"10:2022-12-01"}]}], "versions":["10"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"], "severity":"High", "spl":"2022-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"154270236169330912437872144573544089928", "length":245}, "id":"ASB-A-246933359-2d747a16", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"line_hashes":["320289821939055675549952624027794498453", "96961415491038917953009970649486956067", "70238020157878442178950549376738510749", "62743758544484059513720788751842644535", "285738201064597834006436556479051549380", "319483709314350051125391354452465839608", "218636688842431018377560863361731694344", "300316977321693419332182848524026739926"], "threshold":0.9}, "id":"ASB-A-246933359-fd099c12", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}]}}, {"package":{"name":"platform/packages/services/Telecomm", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"11:0"}, {"fixed":"11:2022-12-01"}]}], "versions":["11"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"], "severity":"High", "spl":"2022-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"154270236169330912437872144573544089928", "length":245}, "id":"ASB-A-246933359-b528d839", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"line_hashes":["320289821939055675549952624027794498453", "96961415491038917953009970649486956067", "70238020157878442178950549376738510749", "62743758544484059513720788751842644535", "285738201064597834006436556479051549380", "319483709314350051125391354452465839608", "218636688842431018377560863361731694344", "300316977321693419332182848524026739926"], "threshold":0.9}, "id":"ASB-A-246933359-f71949af", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}]}}, {"package":{"name":"platform/packages/services/Telecomm", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12:0"}, {"fixed":"12:2022-12-01"}]}], "versions":["12"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"], "severity":"High", "spl":"2022-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["320289821939055675549952624027794498453", "96961415491038917953009970649486956067", "70238020157878442178950549376738510749", "62743758544484059513720788751842644535", "285738201064597834006436556479051549380", "319483709314350051125391354452465839608", "218636688842431018377560863361731694344", "300316977321693419332182848524026739926"], "threshold":0.9}, "id":"ASB-A-246933359-009398e8", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}, {"deprecated":false, "digest":{"function_hash":"154270236169330912437872144573544089928", "length":245}, "id":"ASB-A-246933359-8914fb9c", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java", "function":"onCreate"}}]}}, {"package":{"name":"platform/packages/services/Telecomm", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"12L:0"}, {"fixed":"12L:2022-12-01"}]}], "versions":["12L"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"], "severity":"High", "spl":"2022-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"154270236169330912437872144573544089928", "length":245}, "id":"ASB-A-246933359-13317206", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"line_hashes":["320289821939055675549952624027794498453", "96961415491038917953009970649486956067", "70238020157878442178950549376738510749", "62743758544484059513720788751842644535", "285738201064597834006436556479051549380", "319483709314350051125391354452465839608", "218636688842431018377560863361731694344", "300316977321693419332182848524026739926"], "threshold":0.9}, "id":"ASB-A-246933359-ae6a4686", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}]}}, {"package":{"name":"platform/packages/services/Telecomm", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"13:0"}, {"fixed":"13:2022-12-01"}]}], "versions":["13"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"], "severity":"High", "spl":"2022-12-01", "types":["EoP"], "vanir_signatures":[{"deprecated":false, "digest":{"function_hash":"154270236169330912437872144573544089928", "length":245}, "id":"ASB-A-246933359-344f4600", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java", "function":"onCreate"}}, {"deprecated":false, "digest":{"line_hashes":["320289821939055675549952624027794498453", "96961415491038917953009970649486956067", "70238020157878442178950549376738510749", "62743758544484059513720788751842644535", "285738201064597834006436556479051549380", "319483709314350051125391354452465839608", "218636688842431018377560863361731694344", "300316977321693419332182848524026739926"], "threshold":0.9}, "id":"ASB-A-246933359-decf1620", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035", "target":{"file":"src/com/android/server/telecom/settings/EnableAccountPreferenceActivity.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2022-12-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/packages/services/Telecomm/+/a7d57ace5819c4eef340aaf6744ad441d0369035"}]}