CVE-2020-0416
published 2020-10-14CVE-2020-0416: In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-155288585
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| android | — | — | |
| platform | packages_apps_settings | >= 10:0 < 10:2020-10-01 | 10:2020-10-01 |
| platform | packages_apps_settings | >= 8.0:0 < 8.0:2020-10-01 | 8.0:2020-10-01 |
| platform | packages_apps_settings | >= 8.1:0 < 8.1:2020-10-01 | 8.1:2020-10-01 |
| platform | packages_apps_settings | >= 9:0 < 9:2020-10-01 | 9:2020-10-01 |