{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-09T22:19:45.794","vulnerabilities":[{"cve":{"id":"CVE-2020-0473","sourceIdentifier":"security@android.com","published":"2020-12-15T16:15:13.070","lastModified":"2024-11-21T04:53:34.627","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In updateIncomingFileConfirmNotification of BluetoothOppNotification.java, there is a possible permissions bypass. This could lead to local escalation of privilege allowing an attacker with physical possession of the device to transfer files to it over Bluetooth, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-160691486"},{"lang":"es","value":"En la función updateIncomingFileConfirmNotification del archivo BluetoothOppNotification.java, se presenta una posible omisión de permisos. Esto podría conllevar a una escalada local de privilegios que permita a un atacante con posesión física del dispositivo transferir archivos a él por medio de Bluetooth, sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. Producto: Android, Versiones: Android-11, ID de Android: A-160691486"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N","baseScore":4.6,"baseSeverity":"MEDIUM","attackVector":"PHYSICAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"NONE"},"exploitabilityScore":0.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:N/I:P/A:N","baseScore":2.1,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-863"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/pixel/2020-12-01","source":"security@android.com","tags":["Patch","Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/pixel/2020-12-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}