3 matches found
CVE-2020-0023
In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious app enables contacts over a bluetooth connection, with User execution privileges...
CVE-2020-0023
CVE-2020-0023 affects Android 10 and is described as a local information disclosure in which a Bluetooth-enabled app could access user contacts due to a missing permission check in AdapterService.java. The vulnerability occurs in setPhonebookAccessPermission and could allow a malicious app to dis...
Two Critical Android Bugs Get Patched in February Update
Google has released a security update for a critical flaw in its Android operating system that allows hackers to execute remote code on affected handsets, potentially allowing an adversary to gain remote access to the device. Part of Google’s February Android Security Bulletin, released Monday,...