Contáctanos al
1510
Resumen
El Equipo de Respuesta ante Incidentes de Seguridad Informática, CSIRT de Gobierno, comparte información sobre vulnerabilidades que afectan al sistema operativo Android, dadas a conocer en el reporte de Google para Android correspondiente a agosto de 2022.
Vulnerabilidades
CVE-2021-39696
CVE-2021-0698
CVE-2021-0887
CVE-2021-0891
CVE-2021-0946
CVE-2021-0947
CVE-2021-30259
CVE-2021-39815
CVE-2022-1786
CVE-2022-20082
CVE-2022-20122
CVE-2022-20239
CVE-2022-20344
CVE-2022-20345
CVE-2022-20346
CVE-2022-20347
CVE-2022-20348
CVE-2022-20349
CVE-2022-20350
CVE-2022-20352
CVE-2022-20353
CVE-2022-20354
CVE-2022-20355
CVE-2022-20356
CVE-2022-20357
CVE-2022-20358
CVE-2022-20360
CVE-2022-20361
CVE-2022-22059
CVE-2022-22061
CVE-2022-22062
CVE-2022-22067
CVE-2022-22069
CVE-2022-22070
CVE-2022-22080
CVE-2022-25668
Impacto
Vulnerabilidades de riesgo crítico
CVE-2022-20345: Vulnerabilidad crítica que afecta al componente System. Parchado en las actualizaciones Android 12 y 12L. Según Google, un atacante no requiere privilegios de ejecución adicionales para realizar la explotación arbitraria de código en un ataque Bluetooth.
Productos afectados
Android, versiones anteriores a 12 y 12L
Mitigación
Instalar las respectivas actualizaciones entregadas por el proveedor.
Enlaces
https://source.android.com/security/bulletin/2022-08-01?hl=en
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39696
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0698
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0887
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0891
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0946
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0947
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30259
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1786
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20082
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20239
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20344
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20345
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20346
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20347
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20348
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20349
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20350
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20352
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20353
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20354
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20355
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20356
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20357
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20358
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20360
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-20361
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22059
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22061
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22062
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22067
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22069
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22070
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22080
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-25668
Informe
El informe oficial publicado por el CSIRT del Gobierno de Chile está disponible en el siguiente enlace: 9VSA22-00683-01.