We found results for “”
CVE-2020-0017
Good to know:
Date: February 13, 2020
In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-123232892
Language: Java
Severity Score
Severity Score
Weakness Type (CWE)
Information Leak / Disclosure
CWE-200Top Fix
Upgrade Version
Upgrade to version android-9.0.0_r53,android-8.0.0_r43,android-8.1.0_r73,android-10.0.0_r26
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | REQUIRED |
Scope (S): | UNCHANGED |
Confidentiality (C): | LOW |
Integrity (I): | LOW |
Availability (A): | NONE |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | LOCAL |
Access Complexity (AC): | MEDIUM |
Authentication (AU): | NONE |
Confidentiality (C): | PARTIAL |
Integrity (I): | PARTIAL |
Availability (A): | NONE |
Additional information: |