{"vulnerability": "cve-2022-20002", "sightings": [{"uuid": "abf69b11-3e85-46af-a3b0-c04563d8b438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-20002", "type": "seen", "source": "https://t.me/androidMalware/1394", "content": "Android: vold's incremental-fs APIs trust paths from system_server for mounting (CVE-2022-20002)\nhttps://bugs.chromium.org/p/project-zero/issues/detail?id=2221", "creation_timestamp": "2021-12-31T00:04:31.000000Z"}, {"uuid": "540f135f-59c1-4a24-9fcb-148e37fb2e9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-20002", "type": "seen", "source": "https://t.me/cibsecurity/39832", "content": "\u203c CVE-2022-20002 \u203c\n\nIn incfs, there is a possible way of mounting on arbitrary paths due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12LAndroid ID: A-198657657\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:12:31.000000Z"}]}