CVE-2020-0136

HIGH

Android 10 - Integer Overflow to Out-of-Bounds Write in Parcel.cpp

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-0136. PoCs published by Satheesh575555.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2020-0136, a vulnerability in the Android libhwbinder library. The exploit demonstrates how to trigger the vulnerability by manipulating binder transactions, potentially leading to privilege escalation.

Description

In multiple locations of Parcel.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to local escalation of privilege in the system server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-120078455

Exploits (1)

nomisec WORKING POC

by Satheesh575555 · poc

https://github.com/Satheesh575555/libhwbinder_AOSP10_r33_CVE-2020-0136

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2020-0136, a vulnerability in the Android libhwbinder library. The exploit demonstrates how to trigger the vulnerability by manipulating binder transactions, potentially leading to privilege escalation.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Android libhwbinder (AOSP 10 r33)

No auth needed

Prerequisites: Access to a vulnerable Android device with libhwbinder

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://source.android.com/security/bulletin/pixel/2020-06-01

Scores

CVSS v3 7.8

EPSS 0.0025

EPSS Percentile 15.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-190 CWE-787

Status published

Products (1)

google/android 10.0

Published Jun 11, 2020

Tracked Since Feb 18, 2026