Google Android could allow a remote malicious user to execute arbitrary code on the system, caused by an error in the Bluetooth implementation. By using a specially crafted transmission, an attacker could exploit this vulnerability to execute arbitrary code with the privileges of the Bluetooth daemon.
A critical vulnerability in the Bluetooth implementation on Android devices could allow attackers to launch remote code execution (RCE) attacks – without any user interaction.
Researchers on Thursday revealed further details behind the critical Android flaw (CVE-2020-0022), which was patched earlier this week as part of Google’s February Android Security Bulletin. The RCE bug poses as a critical-severity threat to Android versions Pie (9.0) and Oreo (8.0, 8.1), which account for almo...
Google has rolled out a security update to address a critical flaw in Android’s Bluetooth implementation that allows remote code execution without user interaction.
The vulnerability, tracked as CVE-2020-0022, affects devices running Android Oreo (8.0 and 8.1) and Pie (9.0). For these devices, which between them account for almost two-thirds of Android devices in use, the flaw is rated critical by Google.
According to German IT security provider ERNW, which discovered the ‘wormab...
'Pwned with a broadcast' bug among 25 to be patched by Google
Google has posted the February security updates for Android, including for a potentially serious remote code execution flaw in Bluetooth.
Designated CVE-2020-0022, the flaw was discovered and reported by researchers with German company ERNW who say a fix has been in the works since November.
"On Android 8.0 to 9.0, a remote attacker within proximity can silently execute arbitrary code with the privileges of the Bluetooth daemon as long as Bluetooth is enabled," the team explained.
Android users are urged to apply the latest security patches released for the operating system on Monday that address a critical vulnerability in the Bluetooth subsystem.
An attacker could leverage the security flaw, now identified as CVE-2020-0022 without user participation to run arbitrary code on the device with the elevated privileges of the Bluetooth daemon when the wireless module is active.
Discovered and reported by Jan Ruge at the Technische Universität Darmstadt, Secure M...
Google has released a security update for a critical flaw in its Android operating system that allows hackers to execute remote code on affected handsets, potentially allowing an adversary to gain remote access to the device. Part of Google’s February Android Security Bulletin, released Monday, also warns of a second critical flaw that could allow a remote hacker to gain access to an Android handset and obtain sensitive data.
Tracked as CVE-2020-0022, the remote code execution (RCE) bug ...