CVE-2020-0202

Name of the Vulnerable Software and Affected Versions Android versions Android-11

Description In the onHandleIntent method of TraceService.java, there is a possible bypass of developer settings requirements for capturing system traces due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is required for exploitation.

Recommendations For Android version Android-11, consider restricting access to the TraceService until a patch is available. As a temporary workaround, avoid using the onHandleIntent method in TraceService.java to minimize the risk of exploitation.