CVE-2020-0388

Summary

In createEmergencyLocationUserNotification of GnssVisibilityControl.java, there is a possible permissions bypass due to an empty mutable PendingIntent. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-156123285

Affected Software

VendorProductVersion RangeStatus
n/aAndroidAndroid-11 Android-10affected

Weaknesses

  • Elevation of privilege

ADP Enrichment

CVE Program Container

Additional References

References