Published: 11/08/2020 Updated: 21/07/2021

CVSS v2 Base Score: 4.9 | Impact Score: 6.9 | Exploitability Score: 3.9

CVSS v3 Base Score: 5.5 | Impact Score: 3.6 | Exploitability Score: 1.8

VMScore: 436

Vector: AV:L/AC:L/Au:N/C:C/I:N/A:N

In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-154719656

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 8.0
google android 8.1
google android 9.0
google android 10.0

As the world descends into madness, it's good to see some things never change: Monthly Android patches

The Register • Shaun Nichols in San Francisco • 04 Aug 2020

Qualcomm bugs among the worst – including a critical hole in wireless networking Is it Patch Blues-day for Outlook? Microsoft's email client breaks worldwide, leaves everyone stumped

Google has emitted the August edition of its Android software security updates. This month's fixes include one remote-code-execution bug (CVE-2020-0240), present in the Android Framework. Google warns that the bug "could enable a remote attacker using a specially crafted file to execute arbitrary code within the context of an unprivileged process," though isn't being exploited... yet. That flaw was the only remote-code-execution bug present in the 01 level of the security patch bundle. This is t...

CVE-2020-0249

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect