CVE-2020-0443
MEDIUMAndroid - Denial of Service via Uncaught Exception in LocaleList
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2020-0443. PoCs published by Supersonic.
AI-analyzed exploit summary This PoC exploits CVE-2020-0443 by manipulating the 'system_locales' setting in Android, causing a boot loop (DoS) upon reboot. The exploit leverages a vulnerability in Android's Settings provider to corrupt system state.
Description
In LocaleList of LocaleList.java, there is a possible forced reboot due to an uncaught exception. This could lead to local denial of service requiring factory reset to restore with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152410253
Exploits (1)
This PoC exploits CVE-2020-0443 by manipulating the 'system_locales' setting in Android, causing a boot loop (DoS) upon reboot. The exploit leverages a vulnerability in Android's Settings provider to corrupt system state.
References (1)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H