CVE-2020-27041

Name of the Vulnerable Software and Affected Versions Android versions Android-11

Description The issue is related to an unsafe PendingIntent in the showProvisioningNotification function of ConnectivityService.java. This could lead to local information disclosure of notification data without requiring additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android version Android-11, consider restricting access to the showProvisioningNotification function in ConnectivityService.java until a patch is available. As a temporary workaround, disabling the use of PendingIntent in this context may help minimize the risk of exploitation.