Uninitialized Data Information Disclosure in rw_i93_send_cmd_write_single_block of rw_i93.cc

Uninitialized Data Information Disclosure in rw_i93_send_cmd_write_single_block of rw_i93.cc

CVE-2020-0006 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

In rw_i93_send_cmd_write_single_block of rw_i93.cc, there is a possible information disclosure of heap memory due to uninitialized data. This could lead to remote information disclosure in the NFC server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android-10 Android ID: A-139738828

Learn more about our Cis Benchmark Audit For Google Android.