CVE-2020-0394

HIGH

Android - Privilege Escalation

Title source: llm

Description

In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value. This could lead to local escalation of privilege and untrusted devices accessing contact lists with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-155648639

Exploits (4)

gitlab WRITEUP

by pazhanivel07 · poc

https://gitlab.com/pazhanivel07/Settings_10-r33_CVE-2020-0394_02

View Code ZIP pw:eip

nomisec WORKING POC

by pazhanivel07 · poc

https://github.com/pazhanivel07/Settings_10-r33_CVE-2020-0394_02

View Code ZIP pw:eip

nomisec WORKING POC

by pazhanivel07 · poc

https://github.com/pazhanivel07/Settings_10-r33_CVE-2020-0394

View Code ZIP pw:eip

nomisec WORKING POC

by ShaikUsaf · poc

https://github.com/ShaikUsaf/packages_apps_settings_AOSP10_r33_CVE-2020-0394

View Code ZIP pw:eip

References (1)

[Vendor Advisory] https://source.android.com/security/bulletin/2020-09-01

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 1.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-1188 CWE-1021

Status published

Products (4)

google/android 8.0

google/android 8.1

google/android 9.0

google/android 10.0

Published Sep 17, 2020

Tracked Since Feb 18, 2026