In onCommand of CompanionDeviceManagerService.java, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing background data usage or launching from the background, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-129476618
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2020-07-17T20:06:50

Updated: 2024-08-04T05:55:12.439Z

Reserved: 2019-10-17T00:00:00

Link: CVE-2020-0227

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-07-17T21:15:12.497

Modified: 2024-11-21T04:53:08.563

Link: CVE-2020-0227

cve-icon Redhat

No data.