Input validation error in Google Android - CVE-2020-0367

 

Input validation error in Google Android - CVE-2020-0367

Published: October 9, 2020


Vulnerability identifier: #VU47456
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-0367
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Google
Affected software:
Google Android

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the affected device.

The vulnerability exists due to unspecified error within the MediaTek Widevine component. A remote attacker can compromise the affected device.

Note, additional information on this vulnerability is not available yet, that is why it was scored wthi the highest potential risk possible.


How to mitigate CVE-2020-0367

Install updates from vendor's website.

Sources