ShaikUsaf

30 exploits Active since Jun 2020
CVE-2020-0188 NOMISEC HIGH WORKING POC
Android 10 - Local Privilege Escalation via PendingIntent Error in SettingsSliceProvider
In onCreatePermissionRequest of SettingsSliceProvider.java, there is a possible permissions bypass due to a PendingIntent error. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-147355897
CVSS 7.8
CVE-2020-0137 NOMISEC HIGH WORKING POC
Android 10 - Missing Authorization in NetworkManagementService
In setIPv6AddrGenMode of NetworkManagementService.java, there is a possible bypass of networking permissions due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-141920289
CVSS 7.8
CVE-2020-0452 NOMISEC CRITICAL WORKING POC
Android 8.0-11 - Integer Overflow to Remote Code Execution in EXIF Entry Processing
In exif_entry_get_value of exif-entry.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution if a third party app used this library to process remote image data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-159625731
CVSS 9.8
CVE-2020-0416 NOMISEC HIGH WORKING POC
Android - Local Privilege Escalation via Tapjacking in Settings Screens
In multiple settings screens, there are possible tapjacking attacks due to an insecure default value. This could lead to local escalation of privilege and permissions with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-155288585
CVSS 8.8
CVE-2020-0394 NOMISEC HIGH WORKING POC
Android - Tapjacking via BluetoothPairingDialog Insecure Default
In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing contact lists with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-155648639
CVSS 7.8