{"id":"ASB-A-161370134", "published":"2020-11-01T00:00:00Z", "modified":"2026-06-12T15:08:17.296522730Z", "aliases":["CVE-2020-0454", "A-161370134"], "details":"In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass due to a missing permission check. This could lead to local information disclosure of the current SSID with User execution privileges needed. User interaction is not needed for exploitation.", "affected":[{"package":{"name":"platform/frameworks/base", "ecosystem":"Android"}, "ranges":[{"type":"ECOSYSTEM", "events":[{"introduced":"9:0"}, {"fixed":"9:2020-11-01"}]}], "versions":["9"], "ecosystem_specific":{"fixes":["https://android.googlesource.com/platform/frameworks/base/+/7f60f432fbfac7ed1e258c32d278d2f27657994b", "https://android.googlesource.com/platform/frameworks/base/+/9b1d701af461899a03b046dbf97316abc1465ac3"], "severity":"High", "spl":"2020-11-01", "types":["ID"], "vanir_signatures":[{"deprecated":false, "digest":{"line_hashes":["41750540924876421795543889169397981588", "320653660452709258495303455067266570832", "165619541108193421049190638063307391769"], "threshold":0.9}, "id":"ASB-A-161370134-26398324", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9b1d701af461899a03b046dbf97316abc1465ac3", "target":{"file":"core/java/android/net/NetworkSpecifier.java"}}, {"deprecated":false, "digest":{"function_hash":"244648458143701244857651541663122227227", "length":1281}, "id":"ASB-A-161370134-3e8a2390", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9b1d701af461899a03b046dbf97316abc1465ac3", "target":{"file":"services/core/java/com/android/server/ConnectivityService.java", "function":"callCallbackForRequest"}}, {"deprecated":false, "digest":{"line_hashes":["64908480793503434194443228325251410634", "93959184073957393704012454104880247562", "181759802501073974075344696870031747559", "13967322983454266479103010117821478018", "274682479534064299191875377987477857737", "201805671658800472987127607420274656461", "45283108990960512657803373015692903668", "156361305808350531313653326459768610221"], "threshold":0.9}, "id":"ASB-A-161370134-5ab26a21", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9b1d701af461899a03b046dbf97316abc1465ac3", "target":{"file":"services/core/java/com/android/server/ConnectivityService.java"}}, {"deprecated":false, "digest":{"function_hash":"254636724448741048342525518162750353099", "length":207}, "id":"ASB-A-161370134-de3240bb", "signature_type":"Function", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/9b1d701af461899a03b046dbf97316abc1465ac3", "target":{"file":"services/core/java/com/android/server/ConnectivityService.java", "function":"networkCapabilitiesRestrictedForCallerPermissions"}}, {"deprecated":false, "digest":{"line_hashes":["13901909979477510420513569477512162004", "247253085583972152373255890304629014140", "198124119316495475315496290879082431960"], "threshold":0.9}, "id":"ASB-A-161370134-e47bd65d", "signature_type":"Line", "signature_version":"v1", "source":"https://android.googlesource.com/platform/frameworks/base/+/7f60f432fbfac7ed1e258c32d278d2f27657994b", "target":{"file":"wifi/java/android/net/wifi/aware/WifiAwareAgentNetworkSpecifier.java"}}]}}], "references":[{"type":"ADVISORY", "url":"https://source.android.com/security/bulletin/2020-11-01"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/5263e86850a0f8d91fa66eb491b6f9765a0291c7"}, {"type":"FIX", "url":"https://android.googlesource.com/platform/frameworks/base/+/20491714c2ca0a8fd789220e9a8afba3701f5113"}]}