CVE-2020-0265

MEDIUM

Android 11 - Local Information Disclosure via Telephony Missing Permission Checks

Title source: llm
STIX 2.1

Description

In Telephony, there are possible leaks of sensitive data due to missing permission checks. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150155839

References (1)

Core 1
Core References

Scores

CVSS v3 5.5
EPSS 0.0014
EPSS Percentile 3.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-862
Status published
Products (1)
google/android 11.0
Published Sep 18, 2020
Tracked Since Feb 18, 2026