Local Privilege Escalation Vulnerability in SurfaceFlinger with TEE Bypass

CVE-2020-0063

In SurfaceFlinger, it is possible to override UI confirmation screen protected by the TEE. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-143128911

Learn more about our Cis Benchmark Audit For Google Android.