CVE-2020-0445

9.8 CRITICAL

📋 TL;DR

CVE-2020-0445 is a critical out-of-bounds write vulnerability in Android System-on-Chip (SoC) components that could allow attackers to execute arbitrary code with kernel privileges. This affects Android devices using vulnerable SoC implementations. Successful exploitation could lead to complete device compromise.

💻 Affected Systems

Products:
  • Android devices with vulnerable SoC implementations
Versions: Android SoC versions prior to the November 2020 security patch
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Specific SoC vendors and models may vary; check manufacturer advisories for exact affected hardware.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device takeover with kernel-level privileges, allowing installation of persistent malware, data theft, and device bricking.

🟠 Likely Case

Remote code execution leading to data exfiltration, surveillance, or ransomware deployment on vulnerable devices.

🟢 If Mitigated

Limited impact if devices are patched, have strict app permissions, and sit behind network segmentation in enterprise environments.

🌐 Internet-Facing: HIGH - Android devices often connect to untrusted networks and download apps from various sources.
🏢 Internal Only: MEDIUM - Enterprise-managed devices with restricted app installations and network controls have reduced exposure.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Out-of-bounds write vulnerabilities in kernel/SoC components are often exploitable but require specific memory manipulation techniques.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: November 2020 Android Security Patch Level or later

Vendor Advisory: https://source.android.com/security/bulletin/2020-11-01

Restart Required: Yes

Instructions:

1. Check for system updates in Settings > System > Advanced > System update.
2. Install November 2020 or later security patch.
3. Reboot device after installation.

🔧 Temporary Workarounds

Restrict app installations (android)

Only allow app installations from trusted sources like Google Play Store with Play Protect enabled.

Network segmentation (all)

Isolate Android devices on separate network segments from critical infrastructure.

🧯 If You Can't Patch

  • Isolate affected devices on restricted network segments
  • Implement mobile device management (MDM) with strict app whitelisting

🔍 How to Verify

Check if Vulnerable:

Check the Android security patch level in Settings > About phone > Android version > Security patch level. If the date is before November 2020, the device is vulnerable.

Check Version:

adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify security patch level shows November 2020 or later date.
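
A fleet-wide version of the check above, as an added example that is not part of the original advisory: it reads the patch level over adb from every attached device and compares it with the required level. The threshold string 2020-11-01 (the page only says "November 2020"), the REQUIRED_LEVEL variable and the function names are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit attached Android devices against a required patch level.
# Assumption: "November 2020" maps to the patch-level string 2020-11-01.
REQUIRED_LEVEL="${REQUIRED_LEVEL:-2020-11-01}"

# classify_patch_level LEVEL [REQUIRED]
# Prints PATCHED, VULNERABLE or UNKNOWN for one patch-level string.
classify_patch_level() {
    # adb output often carries a trailing CR/LF; strip all whitespace first
    cpl_level=$(printf '%s' "$1" | tr -d '[:space:]')
    cpl_required="${2:-$REQUIRED_LEVEL}"
    case "$cpl_level" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo UNKNOWN; return 0 ;;   # empty or malformed property: do not guess
    esac
    # YYYY-MM-DD is fixed width, so the digits compare correctly as integers
    cpl_have=$(printf '%s' "$cpl_level" | tr -d '-')
    cpl_need=$(printf '%s' "$cpl_required" | tr -d '-')
    if [ "$cpl_have" -ge "$cpl_need" ]; then echo PATCHED; else echo VULNERABLE; fi
}

# audit_devices: one "serial<TAB>level<TAB>verdict" line per authorized device.
audit_devices() {
    adb devices | awk 'NR > 1 && $2 == "device" { print $1 }' |
    while read -r serial; do
        # </dev/null keeps adb from swallowing the rest of the serial list
        raw=$(adb -s "$serial" shell getprop ro.build.version.security_patch </dev/null)
        printf '%s\t%s\t%s\n' "$serial" \
            "$(printf '%s' "$raw" | tr -d '[:space:]')" \
            "$(classify_patch_level "$raw")"
    done
}

case "${1:-}" in
    --audit) audit_devices ;;
    --demo)  # constructed sample values, not taken from real devices
        for sample in 2020-10-05 2020-11-01 2021-03-05 unknown; do
            printf '%s\t%s\n' "$sample" "$(classify_patch_level "$sample")"
        done ;;
esac
```

Devices listed as "unauthorized" or "offline" are skipped by the awk filter, and a device that returns no property is reported as UNKNOWN rather than PATCHED.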

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • Unexpected process crashes
  • Memory access violation errors in system logs

Network Indicators:

  • Unusual outbound connections from Android devices
  • Suspicious traffic to known exploit servers

SIEM Query:

source="android_logs" AND ("kernel panic" OR "segmentation fault" OR "out of bounds")
