CVE-2020-27050

7.8 HIGH

📋 TL;DR

This CVE describes a heap buffer overflow vulnerability in Android's NFC stack that allows local privilege escalation. An attacker could exploit this to gain elevated system privileges on affected Android devices. Only Android 11 devices are affected, and exploitation requires user interaction.

💻 Affected Systems

Products:
  • Android
Versions: Android 11 only
Operating Systems: Android
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects devices with NFC hardware running Android 11. Requires the user to interact with a malicious NFC tag.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete device compromise allowing attacker to execute arbitrary code with system privileges, install persistent malware, access all user data, and bypass security controls.

🟠 Likely Case

Local privilege escalation allowing malware to gain higher privileges than initially obtained, potentially enabling data theft or further system compromise.

🟢 If Mitigated

Limited impact due to user interaction requirement and Android's security sandboxing, with potential containment to the affected process.

🌐 Internet-Facing: LOW - Exploitation requires local access and user interaction; it is not directly exploitable over the network.
🏢 Internal Only: MEDIUM - Physical access or social engineering could enable exploitation, but requires user interaction with NFC functionality.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires the user to scan a malicious NFC tag. No public exploit code is known.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Android Security Patch Level 2020-12-01 or later

Vendor Advisory: https://source.android.com/security/bulletin/pixel/2020-12-01

Restart Required: Yes

Instructions:

1. Check for Android system updates in Settings > System > Advanced > System update.
2. Install the December 2020 security patch or later.
3. Reboot device after installation.

🔧 Temporary Workarounds

  • Disable NFC (android): Temporarily disable NFC functionality to prevent exploitation via malicious tags
  • Restrict NFC usage (android): Only use NFC with trusted sources and avoid scanning unknown NFC tags

🧯 If You Can't Patch

  • Disable NFC functionality completely in device settings
  • Implement strict physical security controls to prevent unauthorized NFC tag scanning

🔍 How to Verify

Check if Vulnerable:

Check the Android version in Settings > About phone > Android version. If the version is 11 and the security patch level is earlier than December 2020, the device is vulnerable.

Check Version:

adb shell getprop ro.build.version.release && adb shell getprop ro.build.version.security_patch

Verify Fix Applied:

Verify Android Security Patch Level is 2020-12-01 or later in Settings > About phone > Android security patch level.
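
A scripted form of the check above, as an added example (not from the advisory or the Android project). The function names, the status strings and the `check_device` wrapper are assumptions; the two `getprop` properties and the 2020-12-01 patch level are the ones given on this page.

```sh
#!/bin/sh
# Added example: classify a device against the criteria stated on this page
# (Android 11 with a security patch level earlier than 2020-12-01).

FIXED_SPL="2020-12-01"   # patch level named on this page

# cve_2020_27050_status RELEASE PATCH_LEVEL
# Prints one of: vulnerable | patched | not-affected | unknown
cve_2020_27050_status() {
    release=$1
    spl=$2
    # Only Android 11 is listed as affected; accept "11" or "11.x".
    case $release in
        11|11.*) ;;
        "") echo unknown; return 0 ;;
        *) echo not-affected; return 0 ;;
    esac
    # The patch level must look like YYYY-MM-DD; otherwise do not guess.
    case $spl in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo unknown; return 0 ;;
    esac
    # ISO dates compare correctly as integers once the dashes are removed.
    spl_n=$(printf '%s' "$spl" | sed 's/-//g')
    fixed_n=$(printf '%s' "$FIXED_SPL" | sed 's/-//g')
    if [ "$spl_n" -lt "$fixed_n" ]; then
        echo vulnerable
    else
        echo patched
    fi
}

# check_device [SERIAL]
# Hypothetical wrapper: reads both properties over adb and classifies them.
check_device() {
    if [ -n "$1" ]; then set -- -s "$1"; else set --; fi
    # Strip carriage returns that some adb versions append to shell output.
    release=$(adb "$@" shell getprop ro.build.version.release | tr -d '\r')
    spl=$(adb "$@" shell getprop ro.build.version.security_patch | tr -d '\r')
    cve_2020_27050_status "$release" "$spl"
}
```

Source the file and run `check_device` (optionally with an adb serial) against each connected device; an `unknown` result means a property was empty or malformed and the device needs a manual check.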

📡 Detection & Monitoring

Log Indicators:

  • Unusual NFC tag scanning activity
  • Process crashes in com.android.nfc
  • Privilege escalation attempts

Network Indicators:

  • N/A - Local vulnerability

SIEM Query:

N/A - Primarily local device logs would need monitoring
