2 matches found
CVE-2020-0397
In getNotificationBuilder of CarrierServiceStateTracker.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...
CVE-2020-0397
The CVE-2020-0397 entry describes a permission bypass in Android’s CarrierServiceStateTracker.getNotificationBuilder due to an unsafe PendingIntent, enabling local information disclosure with low attack complexity. Affected are Android 8.0–11 variants (Android-8.0, 8.1, 9, 10, 11) per the officia...