CVE-2020-0338

Name of the Vulnerable Software and Affected Versions Android versions Android-10 through Android-9

Description A permission bypass issue exists in the checkKeyIntent function of AccountManagerService.java. This could lead to local information disclosure, requiring user execution privileges and user interaction for exploitation.

Recommendations For Android versions Android-10 through Android-9, consider restricting access to sensitive information until a patch is available. As a temporary workaround, review and restrict the use of the checkKeyIntent function in AccountManagerService.java to minimize the risk of exploitation.