New vulnerability on the NVD: CVE-2020-0108

0

0

In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616

Published at: August 11, 2020 at 04:15PM
View on website

John Jason Fallows

See author's posts