CVE-2020-0154

Name of the Vulnerable Software and Affected Versions Android versions prior to Android-10

Description The issue is related to an incorrect bounds check in the nci proc core rsp function of nci hrcv.cc, which could lead to a possible out of bounds read. This might result in local information disclosure via compromised device firmware, requiring System execution privileges for exploitation. No user interaction is needed for exploitation.

Recommendations For Android versions prior to Android-10, update to Android-10 or a later version to resolve the issue. As a temporary workaround, consider restricting access to the compromised device firmware to minimize the risk of exploitation.