Coloros
CVE-2020-11828
HIGH
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Lifecycle Timeline
1DescriptionNVD
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR.
AnalysisAI
In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified as Use of Uninitialized Resource (CWE-908), which allows attackers to access uninitialized memory causing crashes or information disclosure. In ColorOS (oppo mobile phone operating system, based on AOSP frameworks/native code position/services/surfaceflinger surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function to RGB value assignment, will not initialize the value is returned to the attackers, leading to values on the stack information leakage, the vulnerability can be used to bypass attackers ALSR. Affected products include: Oppo Coloros.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Initialize all variables, use compiler warnings for uninitialized access, use memory-safe languages.
There is a command injection problem in the old version of the mobile phone backup app. Rated critical severity (CVSS 9.
Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.
ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But s
Same weakness CWE-908 – Use of Uninitialized Resource
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today