High-Severity Vulnerability in Android Devices (CVE-2020-0096)

Published on 27 May 2020

Updated on 27 May 2020

Security researchers discovered a high-severity privilege escalation vulnerability affecting devices running the Android operating system versions 9.0 and earlier. This vulnerability is dubbed StrandHogg 2.0 (CVE-2020-0096).

Successful exploitation allows an attacker to hijack any application installed on an affected device, to gain unauthorised access to messages, photos, login credentials and GPS geo-locations, or spy through the device's camera and microphone.

Affected Android users are advised to update their devices to the latest firmware once it is available.

Users are also recommended to only download applications from the official Google Play Store.

More information is available at
https://www.bleepingcomputer.com/news/security/critical-android-bug-lets-malicious-apps-hide-in-plain-sight/