CVE-2020-0196

MEDIUM

Android 10 - Remote Denial of Service via Bluetooth RegisterNotificationResponse

Title source: llm
STIX 2.1

Description

In RegisterNotificationResponse::GetEvent of register_notification_packet.cc, there is a possible abort due to improper input validation. This could lead to remote denial of service of the Bluetooth service, over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-144066833

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/pixel/2020-06-01

Scores

CVSS v3 6.5
EPSS 0.0030
EPSS Percentile 21.3%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Details

CWE
CWE-20
Status published
Products (1)
google/android 10.0
Published Jun 11, 2020
Tracked Since Feb 18, 2026