CyberSec.Space Logo
Back to CVE Browser

CVE-2020-0041

Known Exploited (CISA KEV)HIGH
7.8
CVSS Severity Score
EPSS Score50.7790%
EPSS Percentile85.64th
PublishedMar 10, 2020
Last ModifiedOct 23, 2025

Vulnerability Description

In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145988638References: Upstream kernel

Affected Platforms (CPE)

๐Ÿ’ป
Google

Android

All versions

References & Advisories

๐Ÿ”— https://source.android.com/security/bulletin/2020-03-01
๐Ÿ”— https://source.android.com/security/bulletin/2020-03-01
๐Ÿ”— https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-0041

Related Vulnerabilities

CVE-2012-525410.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2012-525510.0

Buffer overflow in Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 ...

CVE-2019-1106310.0

A broken access control vulnerability in SmartHome app (Android versions up to 3.0.42_190515, ios versions up to 2.0.22) allows an...

CVE-2012-525610.0

Adobe Flash Player before 10.3.183.29 and 11.x before 11.4.402.287 on Windows and Mac OS X, before 10.3.183.29 and 11.x before 11....