Vulnerability Data

CVE-2020-0099

Track security vulnerabilities

In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-141745510

Published at
2020-12-14
398 days ago
Modified
2020-12-14
398 days ago
2020
Year
The year of the turtle

https://source.android.com/security/bulletin/2020-12-01

MISC:https://source.android.com/security/bulletin/2020-12-01

Read More about itMore info

Vulnerability RAW

{
	"Title": {
		"_text": "CVE-2020-0099"
	},
	"Notes": {
		"Note": [
			{
				"_text": "In addWindow of WindowManagerService.java, there is a possible window overlay attack due to an insecure default value. This could lead to local escalation of privilege via tapjacking with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-141745510"
			},
			{
				"_text": "2020-12-14"
			},
			{
				"_text": "2020-12-14"
			}
		]
	},
	"CVE": {
		"_text": "CVE-2020-0099"
	},
	"References": {
		"Reference": {
			"URL": {
				"_text": "https://source.android.com/security/bulletin/2020-12-01"
			},
			"Description": {
				"_text": "MISC:https://source.android.com/security/bulletin/2020-12-01"
			}
		}
	}
}