3 matches found
CVE-2020-0454
In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure of the current SSID with User execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0454
In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure of the current SSID with User execution privileges needed. User interaction is not needed for exploitation.Product:...
CVE-2020-0454
Summary: CVE-2020-0454 affects Android 9 (Android-9) via the ConnectivityService.java callCallbackForRequest, enabling a local attacker with LOW privileges to bypass a permission check and disclose the current SSID without user interaction. Exploitation is localized to the device; no remote acces...