Race condition in Google Android - CVE-2020-27059
Published: December 11, 2020
Google Android
Detailed vulnerability description
The vulnerability allows a malicious application to elevate privileges on the system.
The vulnerability exists due to a race condition when processing two activities, related to fingerprint input. A malicious application installed on the device can bypass mitigations, implemented by Android and gain elevated privileges within the system.
How to mitigate CVE-2020-27059
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.
A patch will be released in the January 2021 Android Security Bulletin.