CVE-2019-9463 - In Platform, there is a possible bypass of user interaction requirements due to background app inter

CVE-2019-9463

Summary

In Platform, there is a possible bypass of user interaction requirements due to background app interception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113584607

References

https://source.android.com/security/bulletin/android-10

Vulnerable Configurations

cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:10.0:*:*:*:*:*:*:*

CVSS

Base:	4.4 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:L/AC:M/Au:N/C:P/I:P/A:P

refmap via4

misc

https://source.android.com/security/bulletin/android-10

Last major update

24-08-2020 - 17:37

Published

27-09-2019 - 19:15

Last modified

24-08-2020 - 17:37