Severity Rating: HIGH
Software Affected
Google Android versions 8.0, 8.1, 9, 10
Overview
Multiple vulnerabilities have been reported in Google Android which could
allow a remote attacker to execute arbitrary code, gain permissions without
authorization and access sensitive information on a targeted system.
Description
These vulnerabilities exist in Android framework, Media framework, System,
Kernel, Qualcomm components (Camera, Kernel, WLAN and Display) and other
Qualcomm closed source components of Google Android. A remote attacker
could exploit these vulnerabilities by convincing the user to install a
crafted application.
Successful exploitation of these vulnerability could allow the attacker to
execute arbitrary code, gain permissions without authorization and access
sensitive information on the targeted system.
Solution
Apply appropriate over-the-air updates as mentioned by various device
manufacturers.
Vendor Information
Android
References
CISecurity
oid-os-could-allow-for-arbitrary-code-execution_2020-073/
CVE Name
CVE-2020-0114
CVE-2020-0115
CVE-2020-0121
CVE-2020-0118
CVE-2020-0113
CVE-2020-0117
CVE-2020-8597
CVE-2020-0116
CVE-2020-0119
CVE-2019-2219
CVE-2019-9460
CVE-2020-8647
CVE-2020-8648
CVE-2020-8428
CVE-2017-9704
CVE-2019-14047
CVE-2020-3665
CVE-2019-14073
CVE-2019-14080
CVE-2019-10597
CVE-2019-14062
CVE-2019-14076
CVE-2020-3614
CVE-2020-3626
CVE-2020-3628
CVE-2020-3635
CVE-2020-3642
CVE-2020-3658
CVE-2020-3660
CVE-2020-3661
CVE-2020-3662
CVE-2020-3663
CVE-2020-3676