CVE-2020-0001

HIGH

Android 8.0-10 - Local Privilege Escalation via ActivityManagerService getProcessRecordLocked

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-0001. PoCs published by Zachinio, codecat007.

AI-analyzed exploit summary: This PoC demonstrates CVE-2020-0001, a vulnerability allowing an untrusted app to run system components in its process. The exploit involves an Android service and Frida script to hook into system processes.

Description

In getProcessRecordLocked of ActivityManagerService.java, isolated apps are not handled correctly. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Product: Android
Versions: Android-8.0, Android-8.1, Android-9, and Android-10
Android ID: A-140055304

Exploits (2)

nomisec WORKING POC 9 stars
by Zachinio · poc
https://github.com/Zachinio/CVE-2020-0001

This PoC demonstrates CVE-2020-0001, a vulnerability allowing an untrusted app to run system components in its process. The exploit involves an Android service and Frida script to hook into system processes.

Classification: Working PoC 90%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Android (specific version not specified)
No auth needed
Prerequisites: Android device with vulnerable system component · Ability to install and run the PoC app
devstral-2 · analyzed Feb 16, 2026

github WORKING POC 8 stars
by codecat007 · cpoc
https://github.com/codecat007/cvehub/tree/main/android/CVE-2020-0001

This repository contains a functional PoC for CVE-2020-0001, demonstrating how an untrusted app can run a system component in its own process. The exploit involves an Android service and Frida script to manipulate process isolation.

Classification: Working PoC 90%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Android (specific versions affected by CVE-2020-0001)
No auth needed
Prerequisites: Android device with CVE-2020-0001 vulnerability · Frida for hooking system functions
devstral-2 · analyzed Feb 27, 2026

References (1)

Core References
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2020-01-01

Scores

CVSS v3 7.8
EPSS 0.0010
EPSS Percentile 28.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (4)
google/android 8.0
google/android 8.1
google/android 9.0
google/android 10.0
Published Jan 08, 2020
Tracked Since Feb 18, 2026