CVE-2020-0314

MEDIUM

Android 11 - Unauthenticated Information Disclosure via AudioService

Title source: llm
STIX 2.1

Description

In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920

References (1)

Core 1
Core References

Scores

CVSS v3 5.5
EPSS 0.0014
EPSS Percentile 3.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-862
Status published
Products (1)
google/android 11.0
Published Sep 17, 2020
Tracked Since Feb 18, 2026