Skip to main content

CVE-2020-27023

Severity Medium
Score 4.4/10

Summary

In setErrorPlaybackState of BluetoothMediaBrowserService.java, there is a possible permission bypass due to an unsafe PendingIntent. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156009462

  • LOW
  • LOCAL
  • NONE
  • UNCHANGED
  • NONE
  • HIGH
  • HIGH
  • NONE

References

Advisory Timeline

  • Published