CVE-2020-0473

Name of the Vulnerable Software and Affected Versions Android versions Android-11

Description The issue is related to a possible permissions bypass in the updateIncomingFileConfirmNotification function of BluetoothOppNotification.java. This could lead to local escalation of privilege, allowing an attacker with physical possession of the device to transfer files to it over Bluetooth without needing additional execution privileges. User interaction is not required for exploitation.

Recommendations For Android version Android-11, consider restricting Bluetooth file transfer capabilities until a patch is available. As a temporary workaround, disabling the Bluetooth file transfer feature can help minimize the risk of exploitation.