CVE-2020-0096

Name of the Vulnerable Software and Affected Versions Android versions Android-8.0 through Android-9

Description In the startActivities function of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. The issue affects over a billion Android devices and could let attackers hijack apps installed on targeted devices, potentially stealing users' banking and other log-in credentials.

Recommendations For Android versions Android-8.0 through Android-9, at the moment, there is no information about a newer version that contains a fix for this vulnerability.