CVE-2020-0080

Name of the Vulnerable Software and Affected Versions Android versions Android-10

Description The issue is related to the onOpActiveChanged and related methods in AppOpsControllerImpl.java, where an app can be displayed overlaying other apps without showing a notification icon. This could lead to local escalation of privilege, requiring User execution privileges and user interaction for exploitation.

Recommendations For Android version Android-10, consider restricting the use of the onOpActiveChanged method in AppOpsControllerImpl.java to minimize the risk of exploitation until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.