Two Critical Android Bugs Open Door to RCE
In June updates, Google and Qualcomm addressed significant vulnerabilities affected Andriod users that could lead to remote code execution (RCE) on applicable devices. The bugs, CVE-2020-0117, and CVE-2020-8597 affect Andriod versions 8 to 10 and can allow for RCE in the context of a privileged process.
An attacker could potentially use this vulnerability, exploiting it through email, web browsing, or MMS, to install programs, view; change or delete data, or create new accounts with authority privileges. The Multi-State Information Sharing and Analysis Center released information on the vulnerabilities earlier this week after Google and Qualcomm addressed them in June security updates.
Read More: Two Critical Android Bugs Open Door to RCE