Multiple vulnerabilities in Google Android



Published: 2020-02-14 | Updated: 2023-09-13
Risk: High
Patch available: YES
Number of vulnerabilities: 14
CVE-ID: CVE-2020-0021, CVE-2020-0020, CVE-2020-0018, CVE-2020-0017, CVE-2019-2200, CVE-2020-0015, CVE-2020-0014, CVE-2020-0028, CVE-2020-0027, CVE-2020-0026, CVE-2020-0023, CVE-2020-0022, CVE-2020-0005, CVE-2020-0030
CWE-ID: CWE-20, CWE-125, CWE-200, CWE-264, CWE-787, CWE-416, CWE-362
Exploitation vector: Network
Public exploit: Public exploit code for vulnerability #7 is available. Public exploit code for vulnerability #12 is available.
Vulnerable software
Google Android
Operating systems & Components / Operating system

Vendor: Google

Security Bulletin

This security bulletin contains information about 14 vulnerabilities.

Updated 17.02.2020
Added vulnerability #14

1) Input validation error

EUVDB-ID: #VU25368

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0021

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists within the Framework functionality of Android due to a missing package dependency test in "removeUnusedPackagesLPw" of "PackageManagerService.java". A remote attacker can cause a denial of service condition on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/base/+/859ead528cd09f6fdf3a85df390745054058d12c
http://android.googlesource.com/platform/frameworks/base/+/fab928923c8255626049e6f459105d2e4c715384
http://android.googlesource.com/platform/frameworks/base/+/f5a3d382a97ef26fefbd15cd02c9993e77f7b813


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Out-of-bounds read

EUVDB-ID: #VU25367

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0020

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists within the Framework functionality of Android due to a boundary condition in "getAttributeRange" of "ExifInterface.java" when the vulnerable software fails to redact location information from media files. A local attacker can trigger an out-of-bounds read error and read the contents of memory on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/base/+/aa68a4f19e6a122b80ca1bcff57228dc795081e5


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Information disclosure

EUVDB-ID: #VU25366

Risk: Low

CVSSv3.1: 5.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0018

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists within the Framework functionality of Android due to an error in "MotionEntry::appendDescription" of "InputDispatcher.cpp". A local attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/native/+/7fb8682cbf494e3f1d5c79ebfbd9b020e1191679


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Information disclosure

EUVDB-ID: #VU25365

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0017

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local attacker to gain access to potentially sensitive information.

The vulnerability exists within the Framework functionality of Android because the primary user's dictionary can be visible to and modifiable by secondary users in multiple places. A local attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/base/+/721e4d085ca3d1dc5826c0ba71615529f544d7f7
http://android.googlesource.com/platform/frameworks/base/+/ea4bce75cfebd7cef90b1e483d752b252f09333c


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU25364

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-2200

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists due to a permission bypass in "updatePermissions" of "PermissionManagerService.java". A local attacker can use a malicious app to obtain a custom permission from another app and gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/base/+/aa2ffea8baea65c13ac2b841b3d581f28261dd2b


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU25363

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0015

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: No

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists within the Framework functionality of Android due to a possible way for a malicious application to overlay the Certificate Installation dialog in "onCreate" of "CertInstaller.java". A local attacker can gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/packages/apps/CertInstaller/+/bdf1dc655cf226d10077e0926049bac0aed0127e


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Permissions, Privileges, and Access Controls

EUVDB-ID: #VU25362

Risk: Low

CVSSv3.1: 7 [CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-0014

CWE-ID: CWE-264 - Permissions, Privileges, and Access Controls

Exploit availability: Yes

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists within the Framework functionality of Android due to the possibility for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. A local attacker can gain elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/base/+/d885c3279f3fecb2c08e382c733a440113dae644


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

8) Information disclosure

EUVDB-ID: #VU25361

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0028

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists within the System functionality of Android due to a possible bypass of private DNS settings in "notifyNetworkTested" and related functions of "NetworkMonitor.java". A remote attacker can gain unauthorized access to sensitive information on the system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 9.0

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/base/+/0929eb918071c1e76fd41b677af0973412f8a098
http://android.googlesource.com/platform/frameworks/base/+/b66ddb8e5d08324ab3fc068861cd029a8ffba1b8


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Out-of-bounds write

EUVDB-ID: #VU25360

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0027

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists within the System functionality of Android due to an unexpected switch fallthrough in "HidRawSensor::batch" of "HidRawSensor.cpp". A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/hardware/libhardware/+/2526448930008792615f8b8a718ad09f19390025


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Use-after-free

EUVDB-ID: #VU25359

Risk: High

CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0026

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists within the System functionality of Android due to a use-after-free error in "Parcel::continueWrite" of "Parcel.cpp". A remote attacker can gain elevated privileges on the target system.

Successful exploitation of the vulnerability may allow an attacker to compromise a vulnerable system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/frameworks/native/+/daf29a6dbfafc6c06654a3878c0ad2a7f8ebc063


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Information disclosure

EUVDB-ID: #VU25358

Risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0023

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists within the System functionality of Android due to a missing permission check in "setPhonebookAccessPermission" of "AdapterService.java". A remote attacker can gain unauthorized access to sensitive information if a malicious app enables contacts over Bluetooth.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/packages/apps/Bluetooth/+/0d8307f408f166862fbd6efb593c4d65...


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) Out-of-bounds write

EUVDB-ID: #VU25357

Risk: High

CVSSv3.1: 7.3 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]

CVE-ID: CVE-2020-0022

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: Yes

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists within the System functionality of Android due to a boundary error when processing untrusted input in "reassemble_and_dispatch" of "packet_fragmenter.cc". A remote attacker can trigger an out-of-bounds write and execute arbitrary code over Bluetooth on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/system/bt/+/3cb7149d8fed2d7d77ceaa95bf845224c4db3baf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, a proof of concept for this vulnerability is available.

13) Out-of-bounds write

EUVDB-ID: #VU25356

Risk: High

CVSSv3.1: 7.1 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0005

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise a vulnerable system.

The vulnerability exists within the System functionality of Android due to a boundary error when processing untrusted input in "btm_read_remote_ext_features_complete" of "btm_acl.cc". A remote attacker can trigger an out-of-bounds write and execute arbitrary code on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: 8.0 - 10

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/platform/system/bt/+/771571f69ab9498e9104db3c5c367f1def0a5146


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Race condition

EUVDB-ID: #VU25387

Risk: Low

CVSSv3.1: 7.3 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2020-0030

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local attacker to escalate privileges on the system.

The vulnerability exists within the "Binder driver" component of Android due to a race condition in "binder_thread_release" of "binder.c". A local attacker can use a specially crafted file to exploit the race, trigger a use-after-free error and execute arbitrary code with elevated privileges on the target system.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Google Android: All versions

External links

http://source.android.com/security/bulletin/2020-02-01
http://android.googlesource.com/kernel/common/+/5eeb2ca0


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware that exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


