Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2020-0069

KEV EPSS 0.77% · P74
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2020-0069

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Google Android Mediatek Command Queue driver 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Android是美国谷歌(Google)和开放手持设备联盟(简称OHA)的一套以Linux为基础的开源操作系统。Mediatek Command Queue driver是其中的一个命令队列驱动程序。 Android中的Mediatek Command Queue driver存在缓冲区错误漏洞。攻击者可利用该漏洞提升权限。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Shenlong Deep Dive — AI Deep Analysis

10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.

Read summary Full analysis (login)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Android Android kernel -

II. Public POCs for CVE-2020-0069

#POC DescriptionSource LinkShenlong Link
1Root your MediaTek device with CVE-2020-0069https://github.com/R0rt1z2/AutomatedRootPOC Details
2reversing mtk-suhttps://github.com/TheRealJunior/mtk-su-reverse-cve-2020-0069POC Details
3simple poc for CVE-2020-0069https://github.com/yanglingxi1993/CVE-2020-0069POC Details
4Nonehttps://github.com/quarkslab/CVE-2020-0069_pocPOC Details
5CVE-2020-0069https://github.com/0xf15h/mtk_suPOC Details
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2020-0069

登录查看更多情报信息。

Same Patch Batch · n/a · 2020-03-10 · 83 CVEs total

CVE-2020-0041Google Android Binder 缓冲区错误漏洞
CVE-2020-0063Android System 安全漏洞
CVE-2020-0037Android System 缓冲区错误漏洞
CVE-2020-0038Android System 缓冲区错误漏洞
CVE-2020-0036Android System 安全漏洞
CVE-2020-0033Android Media Framework 缓冲区错误漏洞
CVE-2020-0032Android Media Framework 缓冲区错误漏洞
CVE-2020-0031Android Framework 信息泄露漏洞
CVE-2020-0029Android System 信息泄露漏洞
CVE-2020-0034Android Media Framework 缓冲区错误漏洞
CVE-2020-0039Android System 缓冲区错误漏洞
CVE-2020-0042Google Android FPC 缓冲区错误漏洞
CVE-2020-0043Google Android FPC Fingerprint TEE 组件缓冲区错误漏洞
CVE-2020-0044Google Android FPC Fingerprint TEE 组件缓冲区错误漏洞
CVE-2020-0058Android System 缓冲区错误漏洞
CVE-2020-0059Android System 缓冲区错误漏洞
CVE-2020-0060Android System SQL注入漏洞
CVE-2020-0083Android System 安全漏洞
CVE-2020-0061Android System 安全漏洞
CVE-2020-0045Android Framework 竞争条件问题漏洞

Showing top 20 of 83 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Android
Same vendor: n/a

V. Comments for CVE-2020-0069

No comments yet

Leave a comment