Android December 2022 security updates patch 75 vulnerabilities


Google announced this week the December 2022 Android updates, which include fixes for more than 75 vulnerabilities, including multiple critical remote code execution (RCE) flaws.

CVE-2022-20411, an issue in Android’s System component that could be exploited via Bluetooth, is the most serious of the RCE bugs. “The most serious of these issues is a critical security vulnerability in the System component that could result in remote code execution over Bluetooth with no additional execution privileges required,” Google says in its advisory.

Also Read: Analyzing CISA’s Cross-Industries Cybersecurity Performance Objectives

The Framework component also fixed two other critical-severity RCE flaws (CVE-2022-20472 and CVE-2022-20473). In addition, Google patched a critical information disclosure vulnerability (CVE-2022-20498) in the System component.

Read More: Over 75 Vulnerabilities Patched in Android With December 2022 Security Updates