Vulnerability Details CVE-2020-0473
In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-160691486
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.1%
CVSS Severity
CVSS v3 Score 4.6
CVSS v2 Score 2.1
References