#VU47457 Input validation error in Google Android - CVE-2020-0371
Published: October 9, 2020
Vulnerability identifier: #VU47457
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-0371
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Google Android
Google Android
Software vendor:
Google
Description
The vulnerability allows a remote attacker to compromise the affected device.
The vulnerability exists due to unspecified error within the MediaTek KeyInstall component. A remote attacker can compromise the affected device.
Note, additional information on this vulnerability is not available yet, that is why it was scored wthi the highest potential risk possible.
Remediation
Install updates from vendor's website.