01642 06 11 11 Arrange Call

Local Privilege Escalation Vulnerability in SurfaceFlinger with TEE Bypass

CVE-2020-0063 · HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CVE-2020-0063

In SurfaceFlinger, it is possible to override UI confirmation screen protected by the TEE. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143128911

Learn more about our Cis Benchmark Audit For Google Android.