VDB
CVE-2020-0458
CVE-2020-0458
PUBLISHED
In Google Android existieren mehrere Schwachstellen. Sie befinden sich in den Komponenten "Framework", "Google Play", "Media Framework", "MediaTek", "Qualcomm closed-source components", "Qualcomm components", "Kernel" und "System". Ein Angreifer kann dieses nutzen und seine Privilegien erweitern, Code zur Ausführung bringen, vertrauliche Daten einsehen, sowie einen Denial of Service Zustand herbeiführen. Zur erfolgreichen Ausnutzung einiger dieser Schwachstellen ist eine Benutzerinteraktion erforderlich.
EPSS 0.35% · 57.9th percentile
Risk Scores
EPSS Score
0.35%
57.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Oracle Linux | |
| Google Android 8.1 | ||
| IBM | IBM Security Guardium 11.5 | |
| Avaya | Avaya Aura Session Manager | |
| Google Android 10 | ||
| Avaya | Avaya Aura Experience Portal | |
| Avaya | Avaya Aura System Manager | |
| SUSE | SUSE Linux | |
| Google Android 8.0 | ||
| Avaya | Avaya Aura Communication Manager | |
| Google Android 11 | ||
| Avaya | Avaya Web License Manager | |
| Red Hat | Red Hat Enterprise Linux | |
| Avaya | Avaya Aura Application Enablement Services | |
| RIM | BlackBerry BlackBerry | |
| IBM | IBM Security Guardium 11.4 | |
| Google Android 9 |
Exploit Intelligence
- nanopathi/system_media_AOSP10_r33_CVE-2020-0458 (github-poc)
- nanopathi/system_media_AOSP10_r33_CVE-2020-0458 (github-poc)
- nanopathi/system_media_AOSP10_r33_CVE-2020-0458 (github-poc)
- nanopathi/system_media_AOSP10_r33_CVE-2020-0458 (github-poc)
- nanopathi/system_media_AOSP10_r33_CVE-2020-0458 (github-poc)
- CIRCL seen: CVE-2020-0458 (circl-sighting)
- https://source.android.com/security/bulletin/2020-12-01 (circl)
Timeline
- Dec 8, 2020 CVE Published
- Dec 15, 2020 PoC Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://wid.cert-bund.de/.well-known/csaf/white/2020/wid-sec-w-2022-2387.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2387 advisory
- https://www.ibm.com/support/pages/node/6999317 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2023-May/015022.html advisory
- https://downloads.avaya.com/css/P8/documents/101075693 advisory
- https://access.redhat.com/errata/RHSA-2021:1093 advisory
- http://linux.oracle.com/errata/ELSA-2021-1093.html advisory
- http://linux.oracle.com/errata/ELSA-2021-9164.html advisory
- https://access.redhat.com/errata/RHSA-2021:2099 advisory
- https://source.android.com/security/bulletin/2020-12-01 advisory
- https://source.android.com/security/bulletin/pixel/2020-12-01 advisory
- http://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000072551 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2020-December/008120.html advisory
- https://access.redhat.com/errata/RHSA-2021:2106 advisory
- https://lists.suse.com/pipermail/sle-security-updates/2021-February/008323.html advisory
- https://access.redhat.com/errata/RHSA-2021:0686 advisory
- https://access.redhat.com/errata/RHSA-2021:0689 advisory
- https://access.redhat.com/errata/RHSA-2021:0763 advisory
- https://access.redhat.com/errata/RHSA-2021:0774 advisory
- https://access.redhat.com/errata/RHSA-2021:0765 advisory
…and 8 more