CVE-2020-0219

Exploitation Summary

EIP tracks 4 public exploits for CVE-2020-0219. PoCs published by Trinadh465, Satheesh575555, pazhanivel07.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2020-0219, targeting Android's Settings app. The exploit leverages a vulnerability in the ActivityPicker component to achieve privilege escalation.

Description

In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-122836081

Exploits (4)

nomisec WORKING POC

by Trinadh465 · poc

https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old-one

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2020-0219, targeting Android's Settings app. The exploit leverages a vulnerability in the ActivityPicker component to achieve privilege escalation.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Android Settings app (AOSP10_r33)

No auth needed

Prerequisites: Access to the target Android device · Vulnerable version of the Settings app

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by Trinadh465 · poc

https://github.com/Trinadh465/packages_apps_Settings_AOSP10_r33_CVE-2020-0219_CVE-2020-0188_old

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2020-0219, targeting Android's Settings app. The exploit leverages a vulnerability in the ActivityPicker component to achieve privilege escalation.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Android Settings app (AOSP10_r33)

No auth needed

Prerequisites: Access to the target Android device · Vulnerable version of the Settings app

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by Satheesh575555 · poc

https://github.com/Satheesh575555/packages_apps_Settings_AOSP10_r33_CVE-2020-0219

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2020-0219, a vulnerability in Android's Settings app. The exploit involves manipulating intent flags to bypass security restrictions, potentially leading to privilege escalation.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Android Settings app (AOSP10_r33)

No auth needed

Prerequisites: Access to the target Android device · Ability to install or run malicious applications

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

nomisec WORKING POC

by pazhanivel07 · poc

https://github.com/pazhanivel07/Settings_10-r33_CVE-CVE-2020-0219

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2020-0219, a vulnerability in Android's Settings app. The exploit appears to leverage the vulnerability to manipulate intent handling, potentially leading to privilege escalation or unauthorized actions.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Android Settings app (version 10-r33)

No auth needed

Prerequisites: Access to the target Android device · Ability to install or run the exploit code

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Patch, Vendor Advisory x_refsource_misc

https://source.android.com/security/bulletin/pixel/2020-06-01

Android - Local Privilege Escalation via SliceDeepLinkSpringBoard Intent Handling

Exploitation Summary

Description

Exploits (4)

References (1)

Scores

Details