CVE-2020-0480

Name of the Vulnerable Software and Affected Versions Android versions Android-11

Description The issue is related to a missing permission check in the callUnchecked method of DocumentsProvider.java. This could lead to a local escalation of privilege, allowing a caller to copy, move, or delete files accessible to DocumentsProvider without needing additional execution privileges. User interaction is required for exploitation.

Recommendations For Android version Android-11, consider restricting access to the DocumentsProvider until a patch is available. As a temporary workaround, avoid using the callUnchecked method in DocumentsProvider.java to minimize the risk of exploitation.