CVE-2020-0069
Published: 10 March 2020
Summary
CVE-2020-0069 is a high-severity Out-of-bounds Write (CWE-787) vulnerability in Huawei Y6 2019 Firmware. Its CVSS base score is 7.8 (High).
Operationally, it ranks in the top 26.1% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
The vulnerability is an out-of-bounds write in the ioctl handlers of the Mediatek Command Queue driver within the Android kernel. It stems from insufficient input sanitization combined with missing SELinux restrictions and is tracked under Android ID A-147882143 and CWE-787. The issue affects Android devices using the Mediatek kernel components and carries a CVSS 3.1 score of 7.8.
A local attacker with low privileges can invoke the affected ioctl interfaces to corrupt kernel memory, achieving escalation of privilege to higher levels without requiring user interaction or additional execution rights. This allows full compromise of the kernel's confidentiality, integrity, and availability on the device.
Android security bulletins from March 2020 and related Huawei advisories address the flaw through kernel patches that enforce proper input validation and SELinux policy restrictions. The vulnerability appears in CISA's catalog of known exploited vulnerabilities, confirming observed in-the-wild use.
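The input validation described above, as an added example that is not the MediaTek driver's code or any vendor patch: a user-space C model of an ioctl-style write handler, showing a range check that can be bypassed by integer wrap-around next to a wrap-safe one. The page does not give the driver's actual argument layout or the exact flaw, so `struct cmd_req`, `CMD_BUF_SIZE` and all function names are hypothetical.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CMD_BUF_SIZE 256u   /* hypothetical size of the driver-owned buffer */

/* Hypothetical ioctl argument: every field is caller-controlled. */
struct cmd_req {
    uint32_t offset;        /* where in the buffer to write */
    uint32_t length;        /* how many bytes to write */
    const uint8_t *data;    /* source bytes (a kernel handler would first
                               copy the argument in with copy_from_user()) */
};

/* Flawed check: offset + length is computed modulo 2^32, so a huge offset
 * plus a small length wraps to a small sum and passes. */
static bool range_ok_naive(uint32_t offset, uint32_t length)
{
    return offset + length <= CMD_BUF_SIZE;
}

/* Wrap-safe check: bound the offset first, then compare the length with
 * the space that remains. No addition of untrusted values takes place. */
static bool range_ok(uint32_t offset, uint32_t length)
{
    return offset <= CMD_BUF_SIZE && length <= CMD_BUF_SIZE - offset;
}

/* Handler model: validate before touching the buffer, fail closed. */
static int handle_write(uint8_t *buf, const struct cmd_req *req)
{
    if (req == NULL || req->data == NULL)
        return -EINVAL;
    if (!range_ok(req->offset, req->length))
        return -EINVAL;
    memcpy(buf + req->offset, req->data, req->length);
    return 0;
}

int main(void)
{
    /* Constructed sample request whose offset + length wraps around. */
    printf("naive accepts wrap: %d\n", range_ok_naive(0xFFFFFFF0u, 0x20u));
    printf("safe accepts wrap:  %d\n", range_ok(0xFFFFFFF0u, 0x20u));
    return 0;
}
```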
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2020-1576
Vulnerability details
In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
- Product: Android
- Versions: Android kernel
- Android ID: A-147882143
- References: M-ALPS04356754
- CWE(s): CWE-787
- KEV Date Added: 03 November 2021
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
Directly requires validation of inputs to ioctl interfaces, eliminating the insufficient sanitization root cause of the out-of-bounds write.
Enforces SELinux mandatory access controls on kernel driver entry points, blocking the unauthorized ioctl access that enables privilege escalation.
Applies memory-protection mechanisms that limit the ability of a successful out-of-bounds write to corrupt kernel memory and escalate privileges.