Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. High-Severity Vulnerability in Android Devices (CVE-2020-0096)
Alerts

High-Severity Vulnerability in Android Devices (CVE-2020-0096)

27 May 2020

Security researchers discovered a high-severity privilege escalation vulnerability affecting devices running the Android operating system versions 9.0 and earlier. This vulnerability is dubbed StrandHogg 2.0 (CVE-2020-0096).

Successful exploitation allows an attacker to hijack any application installed on an affected device, to gain unauthorised access to messages, photos, login credentials and GPS geo-locations, or spy through the device's camera and microphone.

Affected Android users are advised to update their devices to the latest firmware once it is available.

Users are also recommended to only download applications from the official Google Play Store.

More information is available at
https://www.bleepingcomputer.com/news/security/critical-android-bug-lets-malicious-apps-hide-in-plain-sight/

Back to top