Main Vulnerability Database Vulnerabilities #VU34332

Input validation error in Google Android - CVE-2020-0206

Published: June 11, 2020 / Updated: August 8, 2020

Vulnerability identifier: #VU34332

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-0206

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Google Android

Software vendor:
Google

Description

The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.

In the settings app, there is a possible app crash due to improper input validation. This could lead to local denial of service of the Settings app with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005061

Remediation

Install update from vendor's website.

External links

https://source.android.com/security/bulletin/pixel/2020-06-01

Input validation error in Google Android - CVE-2020-0206

Description

Remediation

External links

Please verify you're human