PT-2020-11768 · Google · Android

Published

2020-11-01

Updated

2020-11-17

CVE-2020-0418

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Android version Android-10

Description A logic error in the getPermissionInfosForGroup function of Utils.java could lead to local escalation of privilege. This issue requires User execution privileges and does not need user interaction for exploitation.

Recommendations For Android version Android-10, update to a version that includes the fix for the logic error in getPermissionInfosForGroup of Utils.java. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ASB-A-153879813

CVE-2020-0418

Affected Products

Android

PT-2020-11768 · Google · Android

CVE-2020-0418

Related Identifiers

Affected Products

References · 8