Main Vulnerability Database Exploits ID:5006 - Exploit for Improper Privilege Management in Google Android - CVE-2020-0001

ID:5006 - Exploit for Improper Privilege Management in Google Android - CVE-2020-0001

Published: January 6, 2021

Vulnerability identifier: #VU34883

Vulnerability risk: Low

CVE-ID: CVE-2020-0001

CWE-ID: CWE-269

Exploitation vector: Local access

Vulnerable software:
Google Android

Link to public exploit:

https://github.com/Zachinio/CVE-2020-0001

Vulnerability description

The vulnerability allows a local authenticated user to execute arbitrary code.

In getProcessRecordLocked of ActivityManagerService.java isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-140055304

Remediation

Install update from vendor's website.

ID:5006 - Exploit for Improper Privilege Management in Google Android - CVE-2020-0001

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human