CVE-2020-0443

MEDIUM

Google Android - Improper Exception Handling

Title source: rule

Description

In LocaleList of LocaleList.java, there is a possible forced reboot due to an uncaught exception. This could lead to local denial of service requiring factory reset to restore with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152410253

Exploits (1)

nomisec WORKING POC 17 stars

by Supersonic · poc

https://github.com/Supersonic/CVE-2020-0443

View Code ZIP pw:eip

References (1)

[Patch, Vendor Advisory] https://source.android.com/security/bulletin/2020-11-01

Scores

CVSS v3 5.5

EPSS 0.0023

EPSS Percentile 45.6%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-755

Status published

Affected Products (5)

google/android

Timeline

Published Nov 10, 2020

Tracked Since Feb 18, 2026