CVE-2020-0022

Q: What is the severity of CVE-2020-0022?

CVE-2020-0022 has a CVSS score of 8.8 (HIGH). CVE-2020-0022 is a critical Bluetooth vulnerability in Android that allows remote code execution without user interaction. An attacker can exploit this by sending specially crafted Bluetooth packets to vulnerable devices, potentially taking full control. This affects Android devices running versions 8.0 through 10.

8.8 HIGH

Remote Code Execution Buffer Overflow

📋 TL;DR

CVE-2020-0022 is a critical Bluetooth vulnerability in Android that allows remote code execution without user interaction. An attacker can exploit this by sending specially crafted Bluetooth packets to vulnerable devices, potentially taking full control. This affects Android devices running versions 8.0 through 10.

💻 Affected Systems

Products:

Android smartphones
Android tablets
Android-based devices with Bluetooth

Versions: Android 8.0, 8.1, 9, 10

Operating Systems: Android

Default Config Vulnerable: ⚠️ Yes

Notes: All devices with Bluetooth enabled are vulnerable; some manufacturers may have delayed patches.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote attacker gains full system control over vulnerable Android device via Bluetooth, enabling data theft, surveillance, or device compromise.

🟠

Likely Case

Remote code execution leading to malware installation, data exfiltration, or device takeover within Bluetooth range.

🟢

If Mitigated

No impact if patched or Bluetooth disabled; limited impact if network segmentation restricts Bluetooth access.

🌐 Internet-Facing: LOW (requires Bluetooth proximity, not internet connectivity)

🏢 Internal Only: HIGH (exploitable within Bluetooth range in physical environments)

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: CONFIRMED

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploit code is publicly available; no authentication required; works within Bluetooth range (~10 meters).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Bulletin February 2020 or later

Vendor Advisory: https://source.android.com/security/bulletin/2020-02-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > Advanced > System update. 2. Install Android Security Patch Level February 2020 or later. 3. Reboot device after installation.

🔧 Temporary Workarounds

Disable Bluetooth

all

Turn off Bluetooth to prevent exploitation

adb shell settings put global bluetooth_on 0
Settings > Connected devices > Connection preferences > Bluetooth > Turn off

Restrict Bluetooth visibility

all

Set Bluetooth to non-discoverable mode

adb shell settings put global bluetooth_discoverability 0
Settings > Connected devices > Connection preferences > Bluetooth > Device name > Turn off visibility

🧯 If You Can't Patch

Disable Bluetooth completely when not in use
Implement physical security controls to restrict Bluetooth access to trusted areas

🔍 How to Verify

Check if Vulnerable:

Check Android Security Patch Level: Settings > About phone > Android version > Security patch level. If earlier than February 2020, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Confirm Security Patch Level is February 2020 or later: Settings > About phone > Android version > Security patch level.

📡 Detection & Monitoring

Log Indicators:

Bluetooth stack crashes in logcat
Unexpected Bluetooth pairing attempts
Abnormal Bluetooth packet sizes in system logs

Network Indicators:

Unusual Bluetooth traffic patterns
Malformed Bluetooth packets detected by monitoring tools

SIEM Query:

source="android_logs" AND "Bluetooth" AND ("crash" OR "out of bounds" OR "packet_fragmenter")

📊 Metadata

CVE ID: CVE-2020-0022

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-682

Published: February 13, 2020

Last Updated: November 21, 2024

🔗 References

http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html Exploit,Third Party Advisory,VDB Entry
http://seclists.org/fulldisclosure/2020/Feb/10 Mailing List,Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en Third Party Advisory
https://source.android.com/security/bulletin/2020-02-01 Patch,Vendor Advisory
http://packetstormsecurity.com/files/156891/Android-Bluetooth-Remote-Denial-Of-Service.html Exploit,Third Party Advisory,VDB Entry
http://seclists.org/fulldisclosure/2020/Feb/10 Mailing List,Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200513-03-smartphone-en Third Party Advisory
https://source.android.com/security/bulletin/2020-02-01 Patch,Vendor Advisory

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Android by Google

Android by Google

Android by Google

Android by Google

Honor 8a Firmware by Huawei

Honor 8x Firmware by Huawei

Honor View 20 Firmware by Huawei

Mate 20 Firmware by Huawei

Mate 20 Pro Firmware by Huawei

Mate 20 X Firmware by Huawei

Mate 30 5g Firmware by Huawei

Mate 30 Firmware by Huawei

Mate 30 Pro 5g Firmware by Huawei

Mate 30 Pro Firmware by Huawei

Nova 3 Firmware by Huawei

Nova Lite 3 Firmware by Huawei

P Smart 2019 Firmware by Huawei

P Smart Firmware by Huawei

P20 Firmware by Huawei

P20 Pro Firmware by Huawei

P30 Firmware by Huawei

P30 Pro Firmware by Huawei

Y6 2019 Firmware by Huawei

Y6 Pro 2019 Firmware by Huawei

Y9 2019 Firmware by Huawei

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable Bluetooth

Restrict Bluetooth visibility

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities