CVE-2020-0375

HIGH

Android 11 - Unauthenticated Permission Bypass in Telephony

Title source: llm
STIX 2.1

Description

In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege and the setting of supported EUICC countries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253476

References (1)

Core 1
Core References

Scores

CVSS v3 7.8
EPSS 0.0016
EPSS Percentile 5.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-862
Status published
Products (1)
google/android 11.0
Published Sep 17, 2020
Tracked Since Feb 18, 2026