CVE-2020-0226

HIGH

Android 10 - Local Privilege Escalation via Type Confusion in Client.cpp

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2020-0226. PoCs published by ShaikUsaf, Trinadh465.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2020-0226, a vulnerability in Android's frameworks/native component. The exploit appears to target a local privilege escalation (LPE) by manipulating system properties or services, as indicated by the modified source files in the `cmds` directory.

Description

In createWithSurfaceParent of Client.cpp, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege in the graphics server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150226994

Exploits (2)

nomisec WORKING POC
by ShaikUsaf · poc
https://github.com/ShaikUsaf/frameworks_native_AOSP10_r33_ShaikUsaf-frameworks_native_AOSP10_r33_CVE-2020-0226

This repository contains a proof-of-concept exploit for CVE-2020-0226, a vulnerability in Android's frameworks/native component. The exploit appears to target a local privilege escalation (LPE) by manipulating system properties or services, as indicated by the modified source files in the `cmds` directory.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Android Open Source Project (AOSP) frameworks/native, version 10 (r33)
No auth needed
Prerequisites: Access to a vulnerable Android device or emulator · Ability to execute the modified binaries
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by Trinadh465 · poc
https://github.com/Trinadh465/frameworks_native_CVE-2020-0226

This repository contains a proof-of-concept exploit for CVE-2020-0226, a vulnerability in Android's frameworks/native component. The exploit appears to target a privilege escalation or information disclosure flaw, leveraging native code to manipulate system properties or services.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Android frameworks/native (versions affected by CVE-2020-0226)
No auth needed
Prerequisites: Access to a vulnerable Android device · Ability to execute native code on the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Patch, Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2020-07-01

Scores

CVSS v3 7.8
EPSS 0.0027
EPSS Percentile 18.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-843 CWE-787
Status published
Products (1)
google/android 10.0
Published Jul 17, 2020
Tracked Since Feb 18, 2026