CVE-2020-0108
HIGHAndroid - Local Privilege Escalation via Uncaught Exception in ServiceRecord
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-0108. PoCs published by CrackerCat.
AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2020-0108, a privilege escalation vulnerability in Android's ActivityManagerService (AMS) that allows malicious apps to run foreground services without displaying notifications. The PoC demonstrates two attack methods: one exploiting a flaw in NotificationManagerService's error handling and another in ServiceRecord's notification posting logic.
Description
In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616
Exploits (1)
This repository contains a proof-of-concept exploit for CVE-2020-0108, a privilege escalation vulnerability in Android's ActivityManagerService (AMS) that allows malicious apps to run foreground services without displaying notifications. The PoC demonstrates two attack methods: one exploiting a flaw in NotificationManagerService's error handling and another in ServiceRecord's notification posting logic.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H