In June updates, Google and Qualcomm addressed significant vulnerabilities affected Andriod users that could lead to remote code execution (RCE) on applicable devices. The bugs, CVE-2020-0117, and CVE-2020-8597 affect Andriod versions 8 to 10 and can allow for RCE in the context of a privileged process.
An attacker could potentially use this vulnerability, exploiting it through email, web browsing, or MMS, to install programs, view; change or delete data, or create new accounts with authority privileges. The Multi-State Information Sharing and Analysis Center released information on the vulnerabilities earlier this week after Google and Qualcomm addressed them in June security updates.
Read More: Two Critical Android Bugs Open Door to RCE