{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-20T23:32:59.650","vulnerabilities":[{"cve":{"id":"CVE-2020-27030","sourceIdentifier":"security@android.com","published":"2020-12-15T16:15:15.417","lastModified":"2024-11-21T05:20:42.187","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In onCreate of HandleApiCalls.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege that allows an app to set or dismiss the alarm with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-150612638"},{"lang":"es","value":"En la función onCreate del archivo HandleApiCalls.java, se presenta una posible omisión de permisos debido a un problema de tipo confused deputy. Esto podría conllevar a una escalada local de privilegios que permite que una aplicación active o desactive la alarma sin ser necesarios privilegios de ejecución adicionales. No es requerida una interacción del usuario para su explotación. Producto: Android, Versiones: Android-11, ID de Android: A-150612638"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:11.0:*:*:*:*:*:*:*","matchCriteriaId":"109DD7FD-3A48-4C3D-8E1A-4433B98E1E64"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/pixel/2020-12-01","source":"security@android.com","tags":["Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/pixel/2020-12-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}