CVE-2020-0382
LOWAndroid 10-11 - Local Information Disclosure via Uncaught Exception in dumpstate.cpp
Title source: llmDescription
In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead to local information disclosure of bug report data with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-10Android ID: A-152944488
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://source.android.com/security/bulletin/2020-09-01
Scores
CVSS v3
2.3
EPSS
0.0015
EPSS Percentile
4.7%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Details
CWE
CWE-755
Status
published
Products (2)
google/android
10.0
google/android
11.0
Published
Sep 17, 2020
Tracked Since
Feb 18, 2026