Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In onCreateSliceProvider of KeyguardSliceProvider.java, there is a possible confused deputy due to a PendingIntent error. This could lead to local escalation of privilege that allows actions performed as the System UI, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147606347
No PoCs from references.
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cvemon
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/Nivaskumark/CVE-2020-0114-frameworks
- https://github.com/Nivaskumark/CVE-2020-0114-frameworks_base
- https://github.com/Nivaskumark/CVE-2020-0114-frameworks_base11
- https://github.com/Nivaskumark/CVE-2020-0114-frameworks_base_afterfix
- https://github.com/Nivaskumark/CVE-2020-0114-frameworks_basegbdgb
- https://github.com/Nivaskumark/CVE-2020-0114-frameworks_basety
- https://github.com/Nivaskumark/_beforeCVE-2020-0114-frameworks_base
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/hectorgie/PoC-in-GitHub
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC
- https://github.com/tea9/CVE-2020-0114-systemui
- https://github.com/trhacknon/Pocingit