exploitDog

CVE-2020-0050

Опубликовано: 10 мар. 2020

Источник: nvd

CVSS3: 6.7

CVSS2: 4.6

EPSS Низкий

Описание

In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124521372

Ссылки

https://source.android.com/security/bulletin/pixel/2020-03-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2020-03-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00037

Низкий

6.7 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-x3gg-47w4-9h82

github

больше 3 лет назад

In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-124521372

EPSS

Процентиль: 11%

0.00037

Низкий

6.7 Medium

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20