exploitDog

CVE-2020-0196

Опубликовано: 11 июн. 2020

Источник: nvd

CVSS3: 6.5

CVSS2: 3.3

EPSS Низкий

Описание

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144066833

Ссылки

https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2020-06-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 37%

0.0016

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-3654-92rm-xcmh

github

больше 3 лет назад

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144066833

EPSS

Процентиль: 37%

0.0016

Низкий

6.5 Medium

CVSS3

3.3 Low

CVSS2

Дефекты

CWE-20