7 matches found
CVE-2020-0105
In onKeyguardVisibilityChanged of keystoreservice.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is not needed for...
Hardcoded credentials
In onKeyguardVisibilityChanged of keystoreservice.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is not needed for...
CVE-2020-0105
CVE-2020-0105 affects Android 9 and 10. It stems from a missing permission check in onKeyguardVisibilityChanged within key_store_service.cpp, enabling local privilege escalation to use keyguard-bound keys when the screen is locked, without extra execution privileges. CVSS data (NVD) shows LOCAL a...
CVE-2019-2119
In multiple functions of keystoreservice.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
CVE-2019-2119
In multiple functions of keystoreservice.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
Information disclosure
In multiple functions of keystoreservice.cpp, there is a possible Information Disclosure due to improper locking. This could lead to local information disclosure of protected data with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...
CVE-2019-2119
CVE-2019-2119 affects Android: multiple functions in key_store_service.cpp allow local information disclosure due to improper locking. Impact is disclosure of protected data with no extra privileges and no user interaction required. Affected versions (from discussed entries): Android 8.0, 8.1, an...