Input validation error in Google Android - CVE-2020-0339

 

Input validation error in Google Android - CVE-2020-0339

Published: October 9, 2020


Vulnerability identifier: #VU47455
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-0339
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Google
Affected software:
Google Android

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the affected device.

The vulnerability exists due to unspecified error within the MediaTek Widevine component. A remote attacker can compromise the affected device.

Note, additional information on this vulnerability is not available yet, that is why it was scored wthi the highest potential risk possible.


How to mitigate CVE-2020-0339

Install updates from vendor's website.

Sources