Vulnerabilities > CVE-2020-0258 - Incomplete Cleanup vulnerability in Google Android 10.0

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
NONE
Availability impact
NONE
local
low complexity
google
CWE-459

Summary

In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup. This could lead to local information disclosure in the application that is started next with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-157598956

Vulnerable Configurations

Part Description Count
OS
Google
1

Common Weakness Enumeration (CWE)