Vulnerability Data

CVE-2020-0114

Track security vulnerabilities

In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347

Published at
2020-06-10
585 days ago
Modified
2020-06-10
585 days ago
2020
Year
The year of the turtle

https://source.android.com/security/bulletin/2020-06-01

MISC:https://source.android.com/security/bulletin/2020-06-01

Read More about itMore info

Vulnerability RAW

{
	"Title": {
		"_text": "CVE-2020-0114"
	},
	"Notes": {
		"Note": [
			{
				"_text": "In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347"
			},
			{
				"_text": "2020-06-10"
			},
			{
				"_text": "2020-06-10"
			}
		]
	},
	"CVE": {
		"_text": "CVE-2020-0114"
	},
	"References": {
		"Reference": {
			"URL": {
				"_text": "https://source.android.com/security/bulletin/2020-06-01"
			},
			"Description": {
				"_text": "MISC:https://source.android.com/security/bulletin/2020-06-01"
			}
		}
	}
}