PT-2020-11509 · Google · Android
Published
2020-06-11
·
Updated
2020-06-12
·
CVE-2020-0148
CVSS v3.1
4.4
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Android versions prior to Android-10
Description
The issue is related to a possible out of bounds read in the
btu hcif pin code request evt, btu hcif link key request evt, and btu hcif link key notification evt functions of btu hcif.cc. This could lead to local information disclosure via compromised device firmware, with System execution privileges needed. User interaction is not needed for exploitation.Recommendations
For Android versions prior to Android-10, update to Android-10 or a later version to resolve the issue.
Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android