Lucene search

[email protected]CVE-2020-0022

HistoryFeb 13, 2020 - 3:15 p.m.

CVE-2020-0022

2020-02-1315:15:11

CWE-682

[email protected]

web.nvd.nist.gov

122

cve-2020-0022

out of bounds write

remote code execution

bluetooth

android-8.0

android-8.1

android-9

android-10

8.3 High

CVSS2

Attack Vector

ADJACENT_NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:A/AC:L/Au:N/C:C/I:C/A:C

8.8 High

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.7 High

AI Score

Confidence

High

0.014 Low

EPSS

Percentile

86.3%

JSON

In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715

Affected configurations

NVD

Node

googleandroidMatch8.0

googleandroidMatch8.1

googleandroidMatch9.0

googleandroidMatch10.0

Node

huaweimate_20_firmwareRange<10.0.0.195\(c00e74r3p8\)

AND

huaweimate_20Match-

Node

huaweimate_20_pro_firmwareRange<10.0.0.196\(c185e7r2p4\)

AND

huaweimate_20_proMatch-

Node

huaweimate_20_x_firmwareRange<10.0.0.195\(c00e74r2p8\)

AND

huaweimate_20_xMatch-

Node

huaweip_smart_firmwareRange<9.1.0.193\(c605e6r1p5t8\)

AND

huaweip_smartMatch-

Node

huaweip_smart_2019_firmwareRange<10.0.0.180\(c185e3r4p1\)

AND

huaweip_smart_2019Match-

Node

huaweip20_firmwareRange<10.0.0.162\(c00e156r1p4\)

AND

huaweip20Match-

Node

huaweip20_pro_firmwareRange<10.0.0.162\(c00e156r1p4\)

AND

huaweip20_proMatch-

Node

huaweip30_firmwareRange<10.0.0.190\(c432e22r2p5\)

AND

huaweip30Match-

Node

huaweip30_pro_firmwareRange<10.0.0.195\(c00e85r2p8\)

AND

huaweip30_proMatch-

Node

huaweiy6_2019_firmwareRange<9.1.0.290\(c185e5r4p1\)

AND

huaweiy6_2019Match-

Node

huaweiy6_pro_2019_firmwareRange<9.1.0.290\(c636e5r3p1\)

AND

huaweiy6_pro_2019Match-

Node

huaweiy9_2019_firmwareRange<9.1.0.264\(c185e2r5p1t8\)

AND

huaweiy9_2019Match-

Node

huaweinova_3_firmwareRange<9.1.0.338\(c00e333r1p1t8\)

AND

huaweinova_3Match-

Node

huaweinova_lite_3_firmwareRange<9.1.0.322\(c635e8r2p2\)

AND

huaweinova_lite_3Match-

Node

huaweihonor_8a_firmwareRange<9.1.0.291\(c185e3r4p1\)

AND

huaweihonor_8aMatch-

Node

huaweihonor_8x_firmwareRange<10.0.0.183\(c185e2r6p1\)

AND

huaweihonor_8xMatch-

Node

huaweihonor_view_20_firmwareRange<10.0.0.195\(c636e3r4p3\)

AND

huaweihonor_view_20Match-

Node

huaweimate_30_pro_firmwareRange<10.0.0.203\(c00e202r7p2\)

AND

huaweimate_30_proMatch-

Node

huaweimate_30_firmwareRange<10.0.0.203\(c00e202r7p2\)

AND

huaweimate_30Match-

Node

huaweimate_30_pro_5g_firmwareRange<10.0.0.203\(c00e202r7p2\)

AND

huaweimate_30_pro_5gMatch-

Node

huaweimate_30_5g_firmwareRange<10.0.0.203\(c00e202r7p2\)

AND

huaweimate_30_5gMatch-

CPENameOperatorVersion
google:androidgoogle androideq8.0
google:androidgoogle androideq8.1
google:androidgoogle androideq9.0
google:androidgoogle androideq10.0

CPE	Name	Operator	Version
google:android	google android	eq	8.0
google:android	google android	eq	8.1
google:android	google android	eq	9.0
google:android	google android	eq	10.0

CNA Affected

[
  {
    "product": "Android",
    "vendor": "n/a",
    "versions": [
      {
        "status": "affected",
        "version": "Android-8.0 Android-8.1 Android-9 Android-10"
      }
    ]
  }
]