01642 06 11 11 Arrange Call

Missing Permission Checks in NotificationManagerService.java Allows Local Privilege Escalation

CVE-2020-0084 · HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVE-2020-0084

In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143339775

Learn more about our Cis Benchmark Audit For Google Android.