In installPackageLI of PackageManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.
References
Configurations
No configuration.
History
29 Nov 2024, 22:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-863 |
28 Nov 2024, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-11-28 00:15
Updated : 2024-11-29 22:15
NVD link : CVE-2018-9374
Mitre link : CVE-2018-9374
CVE.ORG link : CVE-2018-9374
JSON object : View
Products Affected
No product.
CWE
CWE-863
Incorrect Authorization