Security News > 2020 > June > Two Critical Android Bugs Open Door to RCE

Google has addressed two critical flaws in its latest monthly Android update that enable remote code execution on Android mobile devices.
The critical bugs exist in the Android System area, and would allow a remote attacker using a specially crafted transmission to execute arbitrary code within the context of a privileged process.
Google also patched CVE-2020-0115, an EoP bug in Android 8 to Android 10; and CVE-2020-0121, an information-disclosure bug in Android 10.
There are also two patches for the Android Media Framework, including CVE-2020-0118, which could enable a local malicious application to bypass user interaction requirements in order to gain access to additional permissions; it affects Android 10.
Google also updated the advisories for two older bugs: CVE-2019-2219, affecting Framework for Android 8 to Android 10, could enable a local malicious application to bypass operating system protections that isolate application data from other applications; and an EoP vulnerability in System could enable a remote attacker to bypass user interaction requirements in order to gain access to additional permissions.
News URL
https://threatpost.com/two-critical-android-bugs-rce/156216/
Related news
- Critical RCE bug in Microsoft Outlook now exploited in attacks (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-10 | CVE-2020-0115 | Incorrect Authorization vulnerability in Google Android In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. | 7.8 |
2020-06-10 | CVE-2020-0118 | Out-of-bounds Write vulnerability in Google Android 10.0 In addListener of RegionSamplingThread.cpp, there is a possible out of bounds write due to improper input validation. | 7.8 |
2020-06-10 | CVE-2020-0121 | Unspecified vulnerability in Google Android 10.0 In updateUidProcState of AppOpsService.java, there is a possible permission bypass due to a logic error. | 5.5 |
2019-12-06 | CVE-2019-2219 | Race Condition vulnerability in Google Android 10.0/9.0 In several functions of NotificationManagerService.java and related files, there is a possible way to record audio from the background without notification to the user due to a permission bypass. | 4.7 |