How severe is CVE-2020-0003?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2020-0003?

This is classified as CWE-367, which is a common weakness in software security.

CVE-2020-0003

MEDIUM Year: 2020

CVSS v3 Score

6.7

Medium

CVSS v2 Score

3.7

Low

Weakness Type

CWE-367

View all →

Vulnerability Description

In onCreate of InstallStart.java, there is a possible package validation bypass due to a time-of-check time-of-use vulnerability. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-140195904

CVE-2020-8354

MEDIUM

CVSS:6.7(Medium)

A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution.

CWE-3672020

CVE-2021-0897

MEDIUM

CVSS:6.7(Medium)

In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not need...

CWE-3672021

CVE-2021-1567

MEDIUM

CVSS:6.7(Medium)

A vulnerability in the DLL loading mechanism of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device...

CWE-3672021

CVE-2022-20906

MEDIUM

CVSS:6.7(Medium)

Multiple vulnerabilities in Cisco Nexus Dashboard could allow an authenticated, local attacker to elevate privileges on an affected device. These vulnerabilities are due to insufficient input validati...

CWE-3672022