CVE-2020-0006

Summary

In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to remote information disclosure in the NFC server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-139738828

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-8.0affected
n/aAndroidAndroid-8.1affected
n/aAndroidAndroid-9affected
n/aAndroidAndroid-10affected

Weaknesses

  • Information disclosure

ADP Enrichment

CVE Program Container

Additional References

References