CVE-2020-0204

In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege by allowing a bypass of the initial zip file signature check for an OS update with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136498130
References
Configurations

Configuration 1

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

Information

Published : 2020-06-11 03:15

Updated : 2020-06-15 03:44


NVD link : CVE-2020-0204

Mitre link : CVE-2020-0204

Products Affected
No products.
CWE