// For flags

CVE-2020-11828

 

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.

En ColorOS (sistema operativo de telefonía móvil oppo, basado en código surfaceflinger.CPP de position/services/surfaceflinger del frameworks/native de AOSP), RGB es definido en la pila (stack) pero no es inicializado, por eso cuando la función screenShot en la asignación del valor de RGB, no inicializará el valor que es devuelto a los atacantes, conllevando a que unos valores en la pila filtren información, la vulnerabilidad puede ser usada para omitir la funcionalidad ALSR por los atacantes.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2020-04-16 CVE Reserved
  • 2020-04-21 CVE Published
  • 2023-03-07 EPSS Updated
  • 2024-08-04 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-908: Use of Uninitialized Resource
CAPEC
References (1)
URL Tag Source
https://security.oppo.com/cn/noticedetails.html?noticeId=20201587348300033 Third Party Advisory
URL Date SRC
URL Date SRC
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Oppo
Search vendor "Oppo"
 Coloros
Search vendor "Oppo" for product "Coloros"
--
Affected