2 matches found
CVE-2020-0015
In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product:...
CVE-2020-0015
CVE-2020-0015 affects the Android framework via CertInstaller.java (onCreate), where an attacker could overlay the Certificate Installation dialog to escalate privileges locally without extra execution privileges. Impact is described as local EoP with partial confidentiality/integrity/availabilit...