Input validation error in Google Android - CVE-2020-0371

 

Input validation error in Google Android - CVE-2020-0371

Published: October 9, 2020


Vulnerability identifier: #VU47457
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-0371
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability: No public exploit available
Vendor: Google
Affected software:
Google Android

Detailed vulnerability description

The vulnerability allows a remote attacker to compromise the affected device.

The vulnerability exists due to unspecified error within the MediaTek KeyInstall component. A remote attacker can compromise the affected device.

Note, additional information on this vulnerability is not available yet, that is why it was scored wthi the highest potential risk possible.


How to mitigate CVE-2020-0371

Install updates from vendor's website.

Sources