exploitDog

CVE-2020-0382

Опубликовано: 17 сент. 2020

Источник: nvd

CVSS3: 2.3

CVSS2: 2.1

EPSS Низкий

Описание

In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-152944488

Ссылки

https://source.android.com/security/bulletin/2020-09-01
Vendor Advisory
https://source.android.com/security/bulletin/2020-09-01
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00014

Низкий

2.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-755

Связанные уязвимости

GHSA-w5h8-gj7c-wr5p

github

больше 3 лет назад

In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-152944488

EPSS

Процентиль: 2%

0.00014

Низкий

2.3 Low

CVSS3

2.1 Low

CVSS2

Дефекты

CWE-755