VYPR
High severity7.0NVD Advisory· Published Jun 11, 2020· Updated Jun 17, 2026

CVE-2020-0204

CVE-2020-0204

Description

In InstallPackage of package.cpp, there is a possible bypass of a signature check due to a Time of Check/Time of Use condition. This could lead to local escalation of privilege by allowing a bypass of the initial zip file signature check for an OS update with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136498130

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Android/Androiddescription
  • Google/Androidllm-fuzzy
    Range: Android-10

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.