#VU47456 Input validation error in Google Android - CVE-2020-0367
Published: October 9, 2020
Vulnerability identifier: #VU47456
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-0367
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Google Android
Google Android
Software vendor:
Google
Description
The vulnerability allows a remote attacker to compromise the affected device.
The vulnerability exists due to unspecified error within the MediaTek Widevine component. A remote attacker can compromise the affected device.
Note, additional information on this vulnerability is not available yet, that is why it was scored wthi the highest potential risk possible.
Remediation
Install updates from vendor's website.