Telephony Vulnerability: Local Privilege Escalation and EUICC Country Setting Bypass

Telephony Vulnerability: Local Privilege Escalation and EUICC Country Setting Bypass

CVE-2020-0375 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege and the setting of supported EUICC countries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253476

Learn more about our Cis Benchmark Audit For Google Android.