Login Sign Up

CVE-2020-0278

9.8 CRITICAL

📋 TL;DR

CVE-2020-0278 is an out-of-bounds write vulnerability in Android System-on-Chip (SoC) components that could allow attackers to execute arbitrary code or cause system crashes. This affects Android devices with vulnerable SoC implementations. The vulnerability stems from incorrect bounds checking in memory operations.

💻 Affected Systems

Products:
  • Android devices with vulnerable SoC implementations
Versions: Android SoC versions prior to September 2020 patches
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Specific SoC vendors and models may vary; check with device manufacturers for exact affected hardware.

📦 What is this software?

Android by Google

View all CVEs affecting Android →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution with kernel privileges leading to complete device compromise, data theft, or persistent backdoor installation.

🟠

Likely Case

Local privilege escalation allowing apps to gain elevated permissions, or denial of service causing device instability.

🟢

If Mitigated

Limited impact if devices are patched, have memory protection features enabled, or run in sandboxed environments.

🌐 Internet-Facing: MEDIUM - Requires local access or malicious app installation, but could be chained with other vulnerabilities for remote exploitation.
🏢 Internal Only: HIGH - Local attackers or malicious apps can exploit this for privilege escalation on vulnerable devices.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access or malicious app installation; no public exploit code is documented.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Bulletin September 2020 patches

Vendor Advisory: https://source.android.com/security/bulletin/2020-09-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > Advanced > System update. 2. Install September 2020 security patch or later. 3. Reboot device after installation.

🔧 Temporary Workarounds

Disable unnecessary apps and permissions

all

Reduce attack surface by limiting app installations and permissions

Enable Google Play Protect

android

Use built-in malware scanning to detect potentially malicious apps

🧯 If You Can't Patch

  • Isolate vulnerable devices from critical networks and sensitive data
  • Implement application allowlisting to prevent unauthorized app installations

🔍 How to Verify

Check if Vulnerable:

Check Android security patch level in Settings > About phone > Android security patch level. If before September 2020, device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Android security patch level shows September 2020 or later date.

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Memory access violation errors in system logs
  • Unexpected process crashes with memory-related errors

Network Indicators:

  • Unusual outbound connections from system processes
  • Anomalous privilege escalation attempts

SIEM Query:

source="android_system" AND (event_type="kernel_panic" OR error="memory_access")

📊 Metadata

CVE ID: CVE-2020-0278
CVSS v3 Score: 9.8 (CRITICAL)
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-787
Published: September 17, 2020
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2020-0278, you might also want to check these:

CVE-2022-43604 10.0

CVE-2022-43604 is a critical out-of-bounds write vulnerability in the OpENer EtherNet/IP stack that ...

Same vulnerability type (CWE-787)
CVE-2025-24201 10.0

This critical vulnerability allows malicious web content to break out of the Web Content sandbox via...

Same vulnerability type (CWE-787)
CVE-2020-14871 10.0

This is a critical buffer overflow vulnerability (CWE-787) in Oracle Solaris's Pluggable Authenticat...

Same vulnerability type (CWE-787)