CVE-2020-0376

9.1 CRITICAL

📋 TL;DR

CVE-2020-0376 is an out-of-bounds read vulnerability in Android System-on-Chip (SoC) components that could allow attackers to read sensitive memory contents. This affects Android devices with vulnerable SoC firmware. Attackers could potentially gain unauthorized access to device memory.

💻 Affected Systems

Products:
  • Android devices with vulnerable SoC components
Versions: Android SoC firmware versions prior to October 2020 patches
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Specific SoC vendors and models may vary. Requires firmware-level patching from device manufacturers.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Full device compromise including privilege escalation, data exfiltration, and remote code execution through memory corruption chaining.

🟠 Likely Case: Information disclosure of sensitive memory contents, potential denial of service through system crashes.

🟢 If Mitigated: Limited impact with proper memory isolation and exploit mitigations like ASLR and stack canaries.

🌐 Internet-Facing: MEDIUM - Requires local access or malicious app installation, but could be combined with other vulnerabilities.
🏢 Internal Only: HIGH - Malicious apps or compromised processes could exploit this locally.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access or malicious app installation. Exploitation depends on specific memory layout and SoC implementation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Bulletin October 2020 patches

Vendor Advisory: https://source.android.com/security/bulletin/2020-10-01

Restart Required: Yes

Instructions:

1. Check for Android security updates in device settings.
2. Apply October 2020 or later security patches.
3. Contact device manufacturer for SoC firmware updates if available.
4. Reboot device after update installation.

🔧 Temporary Workarounds

Restrict app installations (Android)

Only install apps from trusted sources like Google Play Store to reduce attack surface.

Enable Google Play Protect (Android)

Ensure Google Play Protect is enabled to detect potentially harmful apps.

🧯 If You Can't Patch

  • Isolate vulnerable devices from critical networks and sensitive data
  • Implement application allowlisting to prevent unauthorized app execution

🔍 How to Verify

Check if Vulnerable:

Check the Android security patch level in Settings > About phone > Android version. If the patch level is earlier than October 2020, the device is vulnerable.

Check Version:

Settings > About phone > Android version > Security patch level

Verify Fix Applied:

Verify security patch level shows October 2020 or later in device settings.
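
For more than a handful of devices, the same check can be scripted over adb. The script below is an added example, not part of the vendor advisory; it reads the standard `ro.build.version.security_patch` property and assumes 2020-10-01 as the minimum fixed level, taken from the "October 2020 or later" wording above (override with `FIXED_LEVEL`). The function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the Android security patch level of adb-connected devices.
# Assumption: 2020-10-01 is the minimum fixed level ("October 2020 or later").
FIXED_LEVEL="${FIXED_LEVEL:-2020-10-01}"

# classify_patch_level LEVEL -> prints PATCHED, VULNERABLE or UNKNOWN
classify_patch_level() {
    # adb output may carry a trailing CR/LF; strip all whitespace first.
    level=$(printf '%s' "$1" | tr -d '[:space:]')
    # Patch levels are ISO dates (YYYY-MM-DD); treat anything else as unknown
    # rather than guessing, so a malformed value never reports as patched.
    case "$level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    have=$(printf '%s' "$level" | sed 's/-//g')
    need=$(printf '%s' "$FIXED_LEVEL" | sed 's/-//g')
    if [ "$have" -ge "$need" ]; then echo PATCHED; else echo VULNERABLE; fi
}

# audit_report: read "serial level" lines on stdin, print one verdict per
# device, and return 1 if any device is not confirmed patched.
audit_report() {
    rc=0
    while read -r serial level; do
        [ -n "$serial" ] || continue
        verdict=$(classify_patch_level "$level")
        printf '%s\t%s\n' "$serial" "$verdict"
        [ "$verdict" = PATCHED ] || rc=1
    done
    return $rc
}

# collect_from_adb: emit "serial level" for each attached, authorized device.
collect_from_adb() {
    adb devices | awk 'NR>1 && $2=="device" {print $1}' | while read -r serial; do
        # </dev/null keeps adb from consuming the loop's input.
        level=$(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null)
        printf '%s %s\n' "$serial" "$level"
    done
}

# Query live devices only when asked: sh audit.sh --adb
if [ "${1:-}" = "--adb" ]; then collect_from_adb | audit_report; fi
```

The non-zero exit status on any VULNERABLE or UNKNOWN device lets the script gate an MDM or CI compliance job.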

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Unexpected process crashes
  • Memory access violation logs in system logs

Network Indicators:

  • Unusual outbound connections from Android devices
  • Suspicious app behavior patterns

SIEM Query:

source="android_system_logs" AND ("kernel panic" OR "segmentation fault" OR "memory violation")
